gentoo resync : 03.12.2017

author: V3n3RiX <venerix@redcorelinux.org> 2017-12-03 16:17:22 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2017-12-03 16:17:22 +0000
commit: 4cd2370bed609c118b6edfde5d3f116e5c35b897 (patch)
tree: ec58f2c41f49754e41521d5ebc9dce4597ddd0a5 /www-servers/apache/files
parent: f443475c824b4b5c086e6d040961cb35ad81bc60 (diff)
1 files changed, 0 insertions, 20 deletions
diff --git a/www-servers/apache/files/apache-asf-httpoxy.patch b/www-servers/apache/files/apache-asf-httpoxy.patch
deleted file mode 100644
index 68e3d869a77e..000000000000
--- a/www-servers/apache/files/apache-asf-httpoxy.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-https://bugs.gentoo.org/589226
-https://www.apache.org/security/asf-httpoxy-response.txt
-
---- server/util_script.c	(revision 1752426)
-+++ server/util_script.c	(working copy)
-@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r
-         else if (!strcasecmp(hdrs[i].key, "Content-length")) {
-             apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val);
-         }
-+        /* HTTP_PROXY collides with a popular envvar used to configure
-+         * proxies, don't let clients set/override it.  But, if you must...
-+         */
-+#ifndef SECURITY_HOLE_PASS_PROXY
-+        else if (!strcasecmp(hdrs[i].key, "Proxy")) {
-+            ;
-+        }
-+#endif
-         /*
-          * You really don't want to disable this check, since it leaves you
-          * wide open to CGIs stealing passwords and people viewing them
author	V3n3RiX <venerix@redcorelinux.org>	2017-12-03 16:17:22 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2017-12-03 16:17:22 +0000
commit	4cd2370bed609c118b6edfde5d3f116e5c35b897 (patch)
tree	ec58f2c41f49754e41521d5ebc9dce4597ddd0a5 /www-servers/apache/files
parent	f443475c824b4b5c086e6d040961cb35ad81bc60 (diff)