Welcome to WebmasterWorld Guest from 54.221.9.209

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Code different in protocol.c (Revision 1188745 for CVE-2011-3639)

     
10:22 am on Mar 11, 2013 (gmt 0)

New User

5+ Year Member

joined:Nov 19, 2009
posts: 2
votes: 0


Recently I need to check the fix for CVE-2011-3639 of Apache,

[cve.mitre.org...]

It's about the vulnerability of mod_proxy, and it said there is a fix for it in Revision 1188745,
[svn.apache.org...]

But the question is when I browsed the "textchanged" in this revision,I found it can not match with the souce code I use. Even the file size is different.

[svn.apache.org...]

I downloaded 2.2.22 source from Apache website, built and used successfully.

./Apache/httpd-2.2.22/server}: ls -lrt protocol.c
-rw-r--r--. 1 leima leima 58277 Jan 24 2012 protocol.c

>> In textchanged of this revision ,
--- httpd/httpd/trunk/server/protocol.c2011/10/25 15:55:091188744
+++ httpd/httpd/trunk/server/protocol.c2011/10/25 15:56:081188745

Who knows why this happened? Did I understand in a wrong way?

Thanks.