applied the official patch patch.2013.space.txt for the Nginx core to fix the security issue CVE-2013-4547.

2024-10-13 00:29:41 +00:00 · 2013-11-20 21:05:25 -08:00
parent 97622943d2
commit 8b86c72ea2
3 changed files with 26 additions and 1 deletions
--- a/patches/patch.2013.space.txt
+++ b/patches/patch.2013.space.txt
@ -0,0 +1,18 @@
+--- src/http/ngx_http_parse.c
+++ src/http/ngx_http_parse.c
+@@ -617,6 +617,7 @@ ngx_http_parse_request_line(ngx_http_req
+             default:
+                 r->space_in_uri = 1;
+                 state = sw_check_uri;
+                p--;
+                 break;
+             }
+             break;
+@@ -670,6 +671,7 @@ ngx_http_parse_request_line(ngx_http_req
+             default:
+                 r->space_in_uri = 1;
+                 state = sw_uri;
+                p--;
+                 break;
+             }
+             break;