Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 749071 - httpd: RHSA-2011:1329 and RHSA-2011:1330 range 0- handling regression
httpd: RHSA-2011:1329 and RHSA-2011:1330 range 0- handling regression
Status: CLOSED ERRATA
Product: JBoss Enterprise Web Server 1
Classification: JBoss
Component: httpd22 (Show other bugs)
1.0.2
All All
urgent Severity urgent
: ---
: ---
Assigned To: Permaine Cheung
: Regression
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-10-25 23:43 EDT by David Jorm
Modified: 2014-10-20 20:01 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-05-07 15:04:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0542 normal SHIPPED_LIVE Moderate: httpd security and bug fix update 2012-05-07 18:22:44 EDT

  None (edit)
Description David Jorm 2011-10-25 23:43:54 EDT 
Description of problem:
RHSA-2011:1329 and RHSA-2011:1330 provided a fix for CVE-2011-3192, which significantly changed ranges handling code and resulted in a following regression:

Range specification of 0- was returning response 200 rather than 206, which may be expected by some clients:

https://issues.apache.org/bugzilla/show_bug.cgi?id=51878

Fixed upstream in:

http://svn.apache.org/viewvc?view=revision&revision=1175980
http://svn.apache.org/viewvc?view=revision&revision=1175992

Return code 200 was an optimization to make httpd return complete file is sum of sizes of all ranges was equal to or higher than file size.  The above patches ensure the optimization is only used when sum of all ranges exceeds file size.
Comment 3 errata-xmlrpc 2012-05-07 15:04:48 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0542.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.