+++ /dev/null
-diff --git a/server/util_script.c b/server/util_script.c
-index 5e071a2..443dfb6 100644
---- a/server/util_script.c
-+++ b/server/util_script.c
-@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
- else if (!ap_cstr_casecmp(hdrs[i].key, "Content-length")) {
- apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val);
- }
-+ /* HTTP_PROXY collides with a popular envvar used to configure
-+ * proxies, don't let clients set/override it. But, if you must...
-+ */
-+#ifndef SECURITY_HOLE_PASS_PROXY
-+ else if (!ap_cstr_casecmp(hdrs[i].key, "Proxy")) {
-+ ;
-+ }
-+#endif
- /*
- * You really don't want to disable this check, since it leaves you
- * wide open to CGIs stealing passwords and people viewing them
Summary(ru.UTF-8): Самый популярный веб-сервер
Summary(tr.UTF-8): Lider WWW tarayıcı
Name: apache
-Version: 2.4.23
-Release: 2
+Version: 2.4.25
+Release: 1
License: Apache v2.0
Group: Networking/Daemons/HTTP
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
-# Source0-md5: 04f19c60e810c028f5240a062668a688
+# Source0-md5: 2826f49619112ad5813c0be5afcc7ddb
Source1: %{name}.init
Source2: %{name}.logrotate
Source3: %{name}.sysconfig
Patch2: %{name}-suexec.patch
Patch3: %{name}-branding.patch
Patch4: %{name}-apr.patch
-Patch5: %{name}-CVE-2016-5387.patch
Patch7: %{name}-syslibs.patch
%patch2 -p1
%patch3 -p1
%patch4 -p1
-%patch5 -p1
%patch7 -p1
projects / packages / apache.git / commitdiff