blob: c16cb88dedc2d480bdf1c145a5d0c094a7793388 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
$NetBSD: patch-bb,v 1.1.2.2 2009/06/04 20:41:20 spz Exp $
Patch for CVE-2009-1195 taken from:
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_include.c?r1=758929&r2=772997&pathrev=772997
--- modules/filters/mod_include.c.orig 2008-03-17 14:32:47.000000000 +0000
+++ modules/filters/mod_include.c 2009-06-04 09:41:46.000000000 +0100
@@ -3573,7 +3573,7 @@
intern->seen_eos = 0;
intern->state = PARSE_PRE_HEAD;
ctx->flags = (SSI_FLAG_PRINTING | SSI_FLAG_COND_TRUE);
- if (ap_allow_options(r) & OPT_INCNOEXEC) {
+ if ((ap_allow_options(r) & OPT_INC_WITH_EXEC) == 0) {
ctx->flags |= SSI_FLAG_NO_EXEC;
}
intern->accessenable = conf->accessenable;
|