[Bug 1226217] Regression of security fix: Apache ignores headers sent by CGI scripts
https://bugzilla.suse.com/show_bug.cgi?id=1226217 https://bugzilla.suse.com/show_bug.cgi?id=1226217#c4 --- Comment #4 from Dirk Stoecker <opensuse@dstoecker.de> --- @Petr: Is far as I can see that's not related. The issue here is that apache in the buggy patched version ignores the lines which the CGI script outputs (i.e. sends to apache via stdout) and instead does what it wants on the output side. Contrary to what my initial report says after looking at the patch which seems to be the cause probably only headers content-length and transfer-encoding are affected. As said a downgrade to the previous version 14.1 fixes the issue, so the reason can only be in the applied SUSE security patches. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com