angler-fishThe Vulnerability History Project

backport r1234837 from trunk:

      CVE-2012-0053: Fix an issue in error responses that could expose 
    "httpOnly" cookies when no custom ErrorDocument is specified for 
    status code 400.

Reviewed By: covener, trawick, gregames



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1235454 13f79535-47bb-0310-9956-ffa450edef68
by Ernestine the Ladybird 2012-01-24 20:02:19 UTC
commit b465990b860c310ca85ce661623b5fb47fab11d2
HTTPD Fix CVE-2012-0053
CHANGES
-5
STATUS
+9
server/protocol.c
+12 -34
expand_less