| Description: | This collective update for Apache provides the followingfixes: * Make sure that input that has already arrived on thesocket is not discarded during a non-blocking read (read(2)returns 0 and errno is set to -EAGAIN). (bnc#815621) * Close the connection just before an attemptedre-negotiation if data has been read with pipelining. Thisis done by resetting the keepalive status. (bnc#815621) * Reset the renegotiation status of a client<->serverconnection to RENEG_INIT to prevent falsely assumed status.(bnc#791794) * "OPTIONS *" internal requests are intercepted by adummy filter that kicks in for the OPTIONS method. AppleiPrint uses "OPTIONS *" to upgrade the connection toTLS/1.0 following RFC 2817. For compatibility, check if anUpgrade request header is present and skip the filter ifyes. (bnc#791794) * Sending a MERGE request against a URI handled bymod_dav_svn with the source href (sent as part of therequest body as XML) pointing to a URI that is notconfigured for DAV will trigger a segfault. (bnc#829056,CVE-2013-1896) * Client data written to the RewriteLog must haveterminal escape sequences escaped. (bnc#829057,CVE-2013-1862) |