Original-Nachricht
Betreff: svn commit: r1204087 - in /httpd/httpd/trunk: include/ap_expr.h include/ap_mmn.h server/util_expr_eval.c
server/util_expr_parse.c server/util_expr_parse.y
Datum: Sat, 19 Nov 2011 21:58:49 GMT
Von:s...@apache.org
Author: sf
Date: Sat Nov
My test build of mod_subersion 1.7.1 against 2.3.15 works also well.
Sound like progress, which is all we ask for version revs :)
-Original Message-
From: Stefan Fritsch [mailto:s...@sfritsch.de]
Sent: Samstag, 19. November 2011 03:37
To: dev@httpd.apache.org
Subject: Re: [Vote] .htaccess logic abuse
On Friday 18 November 2011, William A. Rowe Jr. wrote:
Resource abuse of an .htaccess config in the form
Observing that the error.log is filling with [http:error] lines, never seen
with 2.2:
[http:error] [pid 3244:tid 2656] (70007)The timeout specified has expired:
[client 114.79.60.32:11091] Timeout while writing data for URI
/download/binaries/httpd-2.2.21-win32-x86-ssl.zip to the client.
-Original Message-
From: Steffen [mailto:i...@apachelounge.com]
Sent: Montag, 21. November 2011 11:50
To: dev@httpd.apache.org
Subject: Win 2.3.15 :: The timeout specified has expired
Observing that the error.log is filling with [http:error]
lines, never seen
with 2.2:
Should be the normal Timeout parameter.
Ah was not aware of that one.
Is logging now, good.
-Original Message-
From: Steffen [mailto:i...@apachelounge.com]
Sent: Montag, 21. November 2011 11:50
To: dev@httpd.apache.org
Subject: Win 2.3.15 :: The timeout specified has expired
On 11/21/2011 4:49 AM, Steffen wrote:
Observing that the error.log is filling with [http:error] lines, never seen
with 2.2:
[http:error] [pid 3244:tid 2656] (70007)The timeout specified has expired:
[client
114.79.60.32:11091] Timeout while writing data for URI
On Fri, Nov 18, 2011 at 04:38:14PM -0600, William Rowe wrote:
After several prods, it seems the security@ and hackathon participants
can't be drawn out of their shells on to dev@. So I'll simply call for
a majority vote on the following statement...
Thanks for the prod!
Resource abuse of an
On 21/11/2011 18:19, Joe Orton wrote:
On Fri, Nov 18, 2011 at 04:38:14PM -0600, William Rowe wrote:
After several prods, it seems the security@ and hackathon participants
can't be drawn out of their shells on to dev@. So I'll simply call for
a majority vote on the following statement...
On Monday 21 November 2011, Rüdiger Plüm wrote:
Original-Nachricht
Betreff: svn commit: r1204087 - in /httpd/httpd/trunk:
include/ap_expr.h include/ap_mmn.h server/util_expr_eval.c
server/util_expr_parse.c server/util_expr_parse.y
Datum:Sat, 19 Nov 2011 21:58:49
On 11/21/2011 10:19 AM, Joe Orton wrote:
I agree for resource consumption attacks. I think there's still a good
case for treating bugs which allow escalation of privileges as security
issues (i.e. something which gets you from an .htaccess file to
arbitrary code execution in the httpd child).
On Sunday 20 November 2011, Jeff Trawick wrote:
On Sun, Nov 20, 2011 at 3:41 AM, Stefan Fritsch s...@sfritsch.de
wrote:
Would it make sense to pass the ap_errorlog_info struct instead?
It has contains most of the args and is extensible with only a
minor MMN bump.
(shrug)
it might be
On Sunday 20 November 2011, Graham Leggett wrote:
On 20 Nov 2011, at 1:37 AM, Jeff Trawick wrote:
On Sat, Nov 19, 2011 at 2:46 PM, Stefan Fritsch s...@sfritsch.de
wrote:
On Saturday 19 November 2011, Graham Leggett wrote:
The correction is simple; promote the remote_ip up to the
On Monday 21 November 2011, William A. Rowe Jr. wrote:
On 11/21/2011 4:49 AM, Steffen wrote:
Observing that the error.log is filling with [http:error] lines,
never seen with 2.2:
[http:error] [pid 3244:tid 2656] (70007)The timeout specified has
expired: [client 114.79.60.32:11091]
Am 21.11.2011 19:17, schrieb Stefan Fritsch:
On Monday 21 November 2011, William A. Rowe Jr. wrote:
On 11/21/2011 4:49 AM, Steffen wrote:
Observing that the error.log is filling with [http:error] lines,
never seen with 2.2:
[http:error] [pid 3244:tid 2656] (70007)The timeout specified has
On Monday 21 November 2011, Reindl Harald wrote:
Steffen, the default for Timeout has been reduced from 300 to 60.
If you get complaints from users, the new value may be too low
and we should maybe reconsider the new value.
hi
we are using Timout 60 since a long time with 2.2.x an
On 11/21/2011 4:24 PM, s...@apache.org wrote:
Author: sf
Date: Mon Nov 21 22:24:12 2011
New Revision: 1204730
URL: http://svn.apache.org/viewvc?rev=1204730view=rev
Log:
Merge r1204087, 1204090:
Limit recursion in ap_expr evaluation to avoid unbounded stack usage
* evaluate chains of ||,, and
I have been a Java developer and have used Java-based Application Servers, such
as Tomcat, JBoss, and Weblogic. It looks to me that the Apache2 Modules system
with its filter chain is architected in a similar fashion to Java based
Application Servers.
Can the Modules system be used as a
I have been a Java developer and have used Java-based Application
Servers, such as Tomcat, JBoss, and Weblogic. It looks to me that
the Apache2 Modules system with its filter chain is architected in a
similar fashion to Java based Application Servers.
Can the Modules system be used as a
Hi, all
I submitted my module to apache module registry on 10 days ago, but
response is nothing yet.The site is woking now?
Submitted module name is mod_process_security.
https://github.com/matsumoto-r/release-code/tree/master/APACHE-MODULE/mod_process_security
Modules needing the approval of
20 matches
Mail list logo