The Vulnerability History Project

Merge r1657261 from trunk:

      *) SECURITY: CVE-2015-0228 (cve.mitre.org)
     mod_lua: A maliciously crafted websockets PING after a script
     calls r:wsupgrade() can cause a child process crash.
     [Edward Lu <Chaosed0 gmail.com>]

Discovered by Guido Vranken <guidovranken gmail.com>

Submitted by: Edward Lu
Committed by: covener




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1664118 13f79535-47bb-0310-9956-ffa450edef68

by Ernestine the Ladybird 2015-03-04 19:18:27 UTC

commit 52dd3e5e00672ba7e3c41296e53d4f53b0fada6a

HTTPD Fix CVE-2015-0228

CHANGES

-5

STATUS

modules/lua/lua_request.c

+1 -5

expand_less