You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bu...@apache.org on 2013/04/29 14:58:59 UTC

svn commit: r860295 - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_20.html security/vulnerabilities_22.html

Author: buildbot
Date: Mon Apr 29 12:58:58 2013
New Revision: 860295

Log:
Staging update by buildbot for httpd

Modified:
    websites/staging/httpd/trunk/content/   (props changed)
    websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml
    websites/staging/httpd/trunk/content/security/vulnerabilities_20.html
    websites/staging/httpd/trunk/content/security/vulnerabilities_22.html

Propchange: websites/staging/httpd/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Apr 29 12:58:58 2013
@@ -1 +1 @@
-1460315
+1477026

Modified: websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml Mon Apr 29 12:58:58 2013
@@ -775,7 +775,7 @@ be a denial of service if using the work
 <affects prod="httpd" version="2.0.35"/>
 </issue>
 
-<issue fixed="2.2.17" public="20091202" released="20101019">
+<issue fixed="2.2.17" reported="20091218" public="20091202" released="20101019">
 <cve name="CVE-2009-3560"/>
 <severity level="4">low</severity>
 <title>expat DoS</title>
@@ -804,7 +804,7 @@ be a denial of service if using the work
 <affects prod="httpd" version="2.2.0"/>
 </issue>
 
-<issue fixed="2.0.64" public="20091202" released="20101019">
+<issue fixed="2.0.64" reported="20091218" public="20091202" released="20101019">
 <cve name="CVE-2009-3560"/>
 <severity level="4">low</severity>
 <title>expat DoS</title>
@@ -1143,7 +1143,7 @@ event MPMs, resulting in a denial of ser
 <affects prod="httpd" version="2.2.0"/>
 </issue>
 
-<issue fixed="2.2.14" reported="20090904" public="20090802" released="20091005">
+<issue fixed="2.2.14" reported="20090904" public="20090902" released="20091005">
 <cve name="CVE-2009-3094"/>
 <severity level="4">low</severity>
 <title>mod_proxy_ftp DoS</title>
@@ -1168,7 +1168,7 @@ service.
 <affects prod="httpd" version="2.2.0"/>
 </issue>
 
-<issue fixed="2.2.14" reported="20090903" public="20090803" released="20091005">
+<issue fixed="2.2.14" reported="20090903" public="20090903" released="20091005">
 <cve name="CVE-2009-3095"/>
 <severity level="4">low</severity>
 <title>mod_proxy_ftp FTP command injection</title>
@@ -1255,7 +1255,7 @@ in a vulnerable way.
 <affects prod="httpd" version="2.0.35"/>
 </issue>
 
-<issue fixed="2.2.12" public="20090424" released="20090727">
+<issue fixed="2.2.12" reported="20090424" public="20090424" released="20090727">
 <cve name="CVE-2009-1956"/>
 <severity level="3">moderate</severity>
 <title>APR-util off-by-one overflow</title>
@@ -1279,7 +1279,7 @@ or a denial of service.
 <affects prod="httpd" version="2.2.0"/>
 </issue>
 
-<issue fixed="2.2.12" public="20090601" released="20090727">
+<issue fixed="2.2.12" reported="20090606" public="20090601" released="20090727">
 <cve name="CVE-2009-1955"/>
 <severity level="3">moderate</severity>
 <title>APR-util XML DoS</title>
@@ -1422,7 +1422,7 @@ could return a response intended for ano
 <affects prod="httpd" version="2.2.11"/>
 </issue>
 
-<issue fixed="2.2.12" public="20090601" released="20090727">
+<issue fixed="2.2.12" reported="20081225" public="20090601" released="20090727">
 <cve name="CVE-2009-0023"/>
 <severity level="3">moderate</severity>
 <title>APR-util heap underwrite</title>
@@ -1502,7 +1502,7 @@ globally configure:</p>
 <affects prod="httpd" version="2.2.9"/>
 </issue>
 
-<issue fixed="2.0.64" reported="20090903" public="20090803" released="20101019">
+<issue fixed="2.0.64" reported="20090903" public="20090903" released="20101019">
 <cve name="CVE-2009-3095"/>
 <severity level="4">low</severity>
 <title>mod_proxy_ftp FTP command injection</title>
@@ -1538,7 +1538,7 @@ to the FTP server.
 <affects prod="httpd" version="2.0.35"/>
 </issue>
 
-<issue fixed="2.0.64" reported="20090904" public="20090802" released="20101019">
+<issue fixed="2.0.64" reported="20090904" public="20090902" released="20101019">
 <cve name="CVE-2009-3094"/>
 <severity level="4">low</severity>
 <title>mod_proxy_ftp DoS</title>

Modified: websites/staging/httpd/trunk/content/security/vulnerabilities_20.html
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities_20.html (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities_20.html Mon Apr 29 12:58:58 2013
@@ -238,6 +238,7 @@ be a denial of service if using the work
 </p>
   </dd>
   <dd>
+  Reported to security team: 18th December 2009<br/>
   Issue public: 2nd December 2009<br/></dd>
   <dd>
   Update Released: 19th October 2010<br/></dd>
@@ -352,8 +353,7 @@ to the FTP server.
 </p>
   </dd>
   <dd>
-  Reported to security team: 3rd September 2009<br/>
-  Issue public: 3rd August 2009<br/></dd>
+  Issue public: 3rd September 2009<br/></dd>
   <dd>
   Update Released: 19th October 2010<br/></dd>
   <dd>
@@ -375,7 +375,7 @@ service.
   </dd>
   <dd>
   Reported to security team: 4th September 2009<br/>
-  Issue public: 2nd August 2009<br/></dd>
+  Issue public: 2nd September 2009<br/></dd>
   <dd>
   Update Released: 19th October 2010<br/></dd>
   <dd>

Modified: websites/staging/httpd/trunk/content/security/vulnerabilities_22.html
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities_22.html (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities_22.html Mon Apr 29 12:58:58 2013
@@ -472,6 +472,7 @@ be a denial of service if using the work
 </p>
   </dd>
   <dd>
+  Reported to security team: 18th December 2009<br/>
   Issue public: 2nd December 2009<br/></dd>
   <dd>
   Update Released: 19th October 2010<br/></dd>
@@ -678,7 +679,7 @@ service.
   </dd>
   <dd>
   Reported to security team: 4th September 2009<br/>
-  Issue public: 2nd August 2009<br/></dd>
+  Issue public: 2nd September 2009<br/></dd>
   <dd>
   Update Released: 5th October 2009<br/></dd>
   <dd>
@@ -699,8 +700,7 @@ to the FTP server.
 </p>
   </dd>
   <dd>
-  Reported to security team: 3rd September 2009<br/>
-  Issue public: 3rd August 2009<br/></dd>
+  Issue public: 3rd September 2009<br/></dd>
   <dd>
   Update Released: 5th October 2009<br/></dd>
   <dd>
@@ -893,6 +893,7 @@ engine.
 </p>
   </dd>
   <dd>
+  Reported to security team: 6th June 2009<br/>
   Issue public: 1st June 2009<br/></dd>
   <dd>
   Update Released: 27th July 2009<br/></dd>
@@ -914,6 +915,7 @@ processed by the pattern preparation eng
 </p>
   </dd>
   <dd>
+  Reported to security team: 25th December 2008<br/>
   Issue public: 1st June 2009<br/></dd>
   <dd>
   Update Released: 27th July 2009<br/></dd>