On 12/2/25 7:21 PM, Roy T. Fielding wrote:
> umm, what is this?
This looks like the fix for the rejected CVE-2025-58154 with a copy and paste
commit message
from a r1930012.
I guess Joe will fix the svn:log property accordingly.
Regards
Rüdiger
>
> ....Roy
>
>> On Dec 2, 2025, at 8:10 AM, [email protected] wrote:
>>
>> Author: jorton
>> Date: Tue Dec 2 16:10:37 2025
>> New Revision: 1930199
>>
>> Log:
>> feat: add HEIC, HEIF and related mime types
>>
>> See https://en.wikipedia.org/wiki/High_Efficiency_Image_File_Format
>>
>> Submitted by: Alexandru Mărășteanu <hello alexei.ro>
>> Github: closes #580
>>
>> Modified:
>> httpd/httpd/trunk/modules/ssl/ssl_ct_sct.c
>>
>> Modified: httpd/httpd/trunk/modules/ssl/ssl_ct_sct.c
>> ==============================================================================
>> --- httpd/httpd/trunk/modules/ssl/ssl_ct_sct.c Tue Dec 2 16:05:49
>> 2025 (r1930198)
>> +++ httpd/httpd/trunk/modules/ssl/ssl_ct_sct.c Tue Dec 2 16:10:37
>> 2025 (r1930199)
>> @@ -142,7 +142,7 @@ apr_status_t sct_parse(const char *sourc
>> ap_assert(rv == APR_SUCCESS);
>>
>> if (fields->extlen != 0) {
>> - if (fields->extlen < len) {
>> + if (len < fields->extlen) {
>> ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
>> APLOGNO(02770) "SCT size %" APR_SIZE_T_FMT " has no
>> "
>> "space for %hu bytes of extensions",
>> @@ -176,7 +176,7 @@ apr_status_t sct_parse(const char *sourc
>> rv = ctutil_deserialize_uint16(&cur, &len, &fields->siglen);
>> ap_assert(rv == APR_SUCCESS);
>>
>> - if (fields->siglen < len) {
>> + if (len < fields->siglen) {
>> ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
>> APLOGNO(02772) "SCT has no space for signature");
>> return APR_EINVAL;
>>
>
>
