]> git.pld-linux.org Git - packages/tomcat.git/blob - tomcat-CVE-2016-5388.patch
projects / packages / tomcat.git / blob
? search:


d856006bcbde8d552ecd1ffce870559165b195cd
[packages/tomcat.git] / tomcat-CVE-2016-5388.patch
1 --- apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java.orig     2016-06-15 18:45:50.000000000 +0200
2 +++ apache-tomcat-7.0.70-src/java/org/apache/catalina/servlets/CGIServlet.java  2016-07-19 15:35:56.656316104 +0200
3 @@ -1107,7 +1107,8 @@ public final class CGIServlet extends Ht
4                  //REMIND: change character set
5                  //REMIND: I forgot what the previous REMIND means
6                  if ("AUTHORIZATION".equalsIgnoreCase(header) ||
7 -                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header)) {
8 +                    "PROXY_AUTHORIZATION".equalsIgnoreCase(header) ||
9 +                    "PROXY".equalsIgnoreCase(header)) {
10                      //NOOP per CGI specification section 11.2
11                  } else {
12                      envp.put("HTTP_" + header.replace('-', '_'),
Web server and Servlet/JSP Engine, RI for Servlet %{servletapiver}/JSP %{jspapiver} API
This page took 0.026076 seconds and 2 git commands to generate.