https://bugzilla.redhat.com/show_bug.cgi?id=245278
https://bugzilla.redhat.com/attachment.cgi?id=478422&action=diff
https://bugzilla.redhat.com/attachment.cgi?id=478422&action=edit
Thanks to Rich for his comments. Instead of doing the in-place escape, changed
to duplicate the given password and work on the copy.
Description: When the Admin User password is changed on the Admin
Console, the console escapes the password then sends it to the
Admin Server. This patch adds the apache API ap_unescape_url to
mod_admserv to unescape the password before handling it. Since
ap_unescape_url does the unescape in place, it duplicates the
given password and escapes on the duplicated memory.