summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2011-09-01 10:13:10 -0300
committerSilvio Rhatto <rhatto@riseup.net>2011-09-01 10:13:10 -0300
commitc4858ebfa999ba902deac5f2d7b5c26ffe97f8b2 (patch)
tree45a77107f1182a305f05a1aa0d65fbde8c1f27c0
parentff8478731d6a93cd22d06a1c4769bdc095fedaf0 (diff)
downloadpuppet-apache-c4858ebfa999ba902deac5f2d7b5c26ffe97f8b2.tar.gz
puppet-apache-c4858ebfa999ba902deac5f2d7b5c26ffe97f8b2.tar.bz2
Remove CVE-2011-3192 workaround
-rw-r--r--templates/apache2.conf.erb7
1 files changed, 0 insertions, 7 deletions
diff --git a/templates/apache2.conf.erb b/templates/apache2.conf.erb
index e387ea8..ee28bdc 100644
--- a/templates/apache2.conf.erb
+++ b/templates/apache2.conf.erb
@@ -89,13 +89,6 @@ MaxKeepAliveRequests 100
#
KeepAliveTimeout 15
-# Drop the Range header when more than 5 ranges.
-# CVE-2011-3192
-# See http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/browser
-# TODO: remove this when a fix is released
-SetEnvIf Range (,.*?){5,} bad-range=1
-RequestHeader unset Range env=bad-range
-
##
## Server-Pool Size Regulation (MPM specific)
##