summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2006-20001.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/CVE-2006-20001.patch')
-rw-r--r--debian/patches/CVE-2006-20001.patch37
1 files changed, 37 insertions, 0 deletions
diff --git a/debian/patches/CVE-2006-20001.patch b/debian/patches/CVE-2006-20001.patch
new file mode 100644
index 0000000..0ba150b
--- /dev/null
+++ b/debian/patches/CVE-2006-20001.patch
@@ -0,0 +1,37 @@
+From 7469547c3f617717ca545d0f7c56d01134703813 Mon Sep 17 00:00:00 2001
+From: Eric Covener <covener@apache.org>
+Date: Tue, 10 Jan 2023 13:21:48 +0000
+Subject: [PATCH] Merge r1906487 from trunk:
+
+* modules/dav/main/util.c (dav_process_if_header): Fix error
+ path for "Not" prefix parsing.
+
+
+Submitted By: jorton
+Reviewed By: jorton, covener, rpluem
+
+
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1906543 13f79535-47bb-0310-9956-ffa450edef68
+---
+ STATUS | 8 --------
+ modules/dav/main/util.c | 8 +++++++-
+ 2 files changed, 7 insertions(+), 9 deletions(-)
+
+--- a/modules/dav/main/util.c
++++ b/modules/dav/main/util.c
+@@ -746,8 +746,14 @@
+ "for the same state.");
+ }
+ condition = DAV_IF_COND_NOT;
++ list += 2;
++ }
++ else {
++ return dav_new_error(r->pool, HTTP_BAD_REQUEST,
++ DAV_ERR_IF_UNK_CHAR, 0,
++ "Invalid \"If:\" header: "
++ "Unexpected character in List");
+ }
+- list += 2;
+ break;
+
+ case ' ':