Группа :: Система/Серверы
Пакет: apache
навигация по пакетам
Главная Изменения Спек Патчи Загрузить Bugs and FR
Патч: apache-1.3.27-CVE-2006-5752.patch
--- apache_1.3.27/src/modules/standard/mod_status.c.cve5752
+++ apache_1.3.27/src/modules/standard/mod_status.c
@@ -263,7 +263,7 @@
if (r->method_number != M_GET)
return DECLINED;
- r->content_type = "text/html";
+ r->content_type = "text/html; charset=ISO-8859-1";
/*
* Simple table-driven form data set parser that lets you alter the header
@@ -289,7 +289,7 @@
no_table_report = 1;
break;
case STAT_OPT_AUTO:
- r->content_type = "text/plain";
+ r->content_type = "text/plain; charset=ISO-8859-1";
short_report = 1;
break;
}
@@ -602,7 +602,7 @@
ap_rputs(")\n", r); ap_rprintf(r, " <i>%s {%s}</i> <b>[%s]</b><br>\n\n",ap_escape_html(r->pool, score_record.client),
- ap_escape_html(r->pool, score_record.request),
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)),
vhost ? ap_escape_html(r->pool,
vhost->server_hostname) : "(unavailable)");
}
@@ -679,7 +679,7 @@
ap_escape_html(r->pool, score_record.client),
vhost ? ap_escape_html(r->pool,
vhost->server_hostname) : "(unavailable)",
- ap_escape_html(r->pool, score_record.request));
+ ap_escape_html(r->pool, ap_escape_logitem(r->pool, score_record.request)));
} /* no_table_report */
} /* !short_report */
} /* if (<active child>) */