Prevent HTTPoxy attack (CVE-2016-1000110) Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates that the script is in CGI mode. Issue reported and patch contributed by Rémi Rampin.

commit: 75d7b615ba70fc5759d16dee95bbd8f0474d8a9c [log] [tgz]
author: Senthil Kumaran <senthil@uthcode.com> Sat Jul 30 05:49:53 2016 -0700
committer: Senthil Kumaran <senthil@uthcode.com> Sat Jul 30 05:49:53 2016 -0700
tree: 6fedc2530db2160bf68039a3bf28b4fefbb39743
parent: a850ef698e55d07173051747e96207496c6f1bdb [diff] [blame]
diff --git a/Misc/ACKS b/Misc/ACKS
index 7aa8fc8..0210a4c 100644
--- a/Misc/ACKS
+++ b/Misc/ACKS

@@ -1123,6 +1123,7 @@
 Jeff Ramnani
 Varpu Rantala
 Brodie Rao
+Rémi Rampin
 Senko Rasic
 Antti Rasinen
 Nikolaus Rath
commit	75d7b615ba70fc5759d16dee95bbd8f0474d8a9c	[log] [tgz]
author	Senthil Kumaran <senthil@uthcode.com>	Sat Jul 30 05:49:53 2016 -0700
committer	Senthil Kumaran <senthil@uthcode.com>	Sat Jul 30 05:49:53 2016 -0700
tree	6fedc2530db2160bf68039a3bf28b4fefbb39743
parent	a850ef698e55d07173051747e96207496c6f1bdb [diff] [blame]