diff --git a/debian/changelog b/debian/changelog
index 87bac8198c2c4572530ddcf9aa281be797f1765a..c0254206d4b077af3d0dc18a54be78b28bef4832 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+apache2 (2.4.54-ok2) yangtze; urgency=medium
+
+  * mrmoney1 CVE-2006-20001 安全更新：Apache HTTP Sever一些版本的缓冲区错误漏洞.
+
+ -- qianjie <Qianjie1@bupt.edu.cn>  Sun, 05 Mar 2023 14:39:00 +0800
+
 apache2 (2.4.54-ok1) yangtze; urgency=medium
 
   * Build for openKylin.
diff --git a/modules/dav/main/util.c b/modules/dav/main/util.c
index 1ae5914027c19de3709416fc145d91400d01f68a..3f7822fc931283d28275c4abfd50392c66e280da 100644
--- a/modules/dav/main/util.c
+++ b/modules/dav/main/util.c
@@ -801,8 +801,14 @@ static dav_error * dav_process_if_header(request_rec *r, dav_if_header **p_ih)
                                                  "for the same state.");
                         }
                         condition = DAV_IF_COND_NOT;
+                        list += 2;
+                    }
+                    else {
+                        return dav_new_error(r->pool, HTTP_BAD_REQUEST,
+                                             DAV_ERR_IF_UNK_CHAR, 0,
+                                             "Invalid \"If:\" header: "
+                                             "Unexpected character in List");
                     }
-                    list += 2;
                     break;
 
                 case ' ':