mod_cache: Avoid a crash when Content-Type has an empty value.
PR 56924. [Mark Montague <mark catseye.org>, Jan Kaluza]
+ *) mod_ldap: In 2.4.10, some LDAP searches or comparisons might be done with
+ the wrong credentials when a backend connection is reused.
+ [Eric Covener]
+
*) mod_macro: Add missing APLOGNO for some Warning log messages.
[Christophe Jaillet]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ldap: 2.4.10 regression: Some authorization searches won't use AuthLDAPBindDN
- which can lead to LDAP authz failurs if AuthLDAPBindDN had extra access.
- trunk patch: http://svn.apache.org/r1613682
- 2.4.x patch: trunk works + CHANGES referencing 2.4.10 regression
- +1: covener, jim, rjung
-
* mod_dav: set r->status_line in dav_error_response.
It's used as argument in next ap_rvputs call. PR 55426.
trunk patch: http://svn.apache.org/r1527509
* combination, which might be reused unintentionally next time this
* connection is used from the connection pool.
*/
- ldc->must_rebind = 0;
+ ldc->must_rebind = 1;
ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, r, "LDC %pp used for authn, must be rebound", ldc);
}