22c31d8d94
The main security vulnerabilities addressed in 1.3.33 are:
* CAN-2004-0940 (cve.mitre.org)
Fix potential buffer overflow with escaped characters in SSI tag string.
* CAN-2004-0492 (cve.mitre.org)
Reject responses from a remote server if sent an invalid
(negative) Content-Length.
New features
* Win32: Improve error reporting after a failed attempt to
spawn a piped log process or rewrite map process.
* Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It
controls how UseCanonicalName Off determines the port value if
the client doesn't provide one in the Host header. If defined
during compilation, UseCanonicalName Off will use the physical
port number to generate the canonical name. If not defined, it
tries the current Port value followed by the default port for
the current scheme.
The following bugs were found in Apache 1.3.31 (or earlier) and
have been fixed in Apache 1.3.33:
* mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
* mod_rewrite: Fix 0 bytes write into random memory position. PR 31036.
* mod_digest: Fix nonce string calculation since 1.3.31 which
would force re-authentication for every connection if
AuthDigestRealmSeed was not configured. PR 30920.
* Fix trivial bug in mod_log_forensic that caused the child to
seg fault when certain invalid requests were fired at it with
forensic logging is enabled. PR 29313.
* No longer breaks mod_dav, frontpage and others. Repair a
patch in 1.3.31 which prevented discarding the request body
for requests that will be keptalive but are not currently
keptalive. PR 29237.
37 lines
1.4 KiB
Text
37 lines
1.4 KiB
Text
$NetBSD: patch-aj,v 1.8 2004/10/29 13:48:31 abs Exp $
|
|
|
|
--- htdocs/index.html.fr.orig 2001-06-27 09:38:39.000000000 +0100
|
|
+++ htdocs/index.html.fr
|
|
@@ -36,12 +36,28 @@ site et ne peut intervenir sur sa config
|
|
<hr width="50%" size="8">
|
|
|
|
<p>La <a href="manual/">documentation</a> Apache est incluse dans cette
|
|
-distribution.</p>
|
|
+distribution. Si l'extension SSL <STRONG>mod_ssl</STRONG> a \xe9t\xe9
|
|
+install\xe9e, lisez alors attentivement la
|
|
+<a href="manual/mod/mod_ssl/index.html">documentation SSL</a>.</p>
|
|
+
|
|
+<p>Des informations sur le syst\xe8me d'exploitation multi-plateforme NetBSD
|
|
+peuvent être trouv\xe9es sur
|
|
+<a href="http://www.netbsd.org/">la homepage du projet NetBSD</a>.</p>
|
|
+
|
|
+<p>Le webmaster de ce site peut librement utiliser les images ci-dessous sur u
|
|
|
|
-<p>Le webmaster de ce site peut librement utiliser l'image ci-dessous sur un
|
|
-site web utilisant le logiciel Apache. Merci d'avoir choisi Apache !</p>
|
|
+site web utilisant les logiciels Apache et NetBSD. Merci d'avoir choisi
|
|
+<a href="http://www.apache.org/">Apache</a> sur
|
|
+<a href="http://www.netbsd.org/">NetBSD</a> !</p>
|
|
|
|
-<div align="CENTER"><img src="apache_pb.gif" alt=""></div>
|
|
+<div align="CENTER">
|
|
+ <a href="http://www.apache.org/">
|
|
+ <img src="apache_pb.gif" BORDER="0" alt="Powered by Apache">
|
|
+ </a>
|
|
+ <a href="http://www.netbsd.org/">
|
|
+ <img src="sitedrivenby.gif" BORDER="0" alt="Site driven by NetBSD">
|
|
+ </a>
|
|
+</div>
|
|
|
|
</body>
|
|
</html>
|