You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by el...@apache.org on 2016/12/03 11:00:05 UTC
svn commit: r1772455 - /httpd/site/trunk/content/dev/guidelines.mdtext
Author: elukey
Date: Sat Dec 3 11:00:05 2016
New Revision: 1772455
URL: http://svn.apache.org/viewvc?rev=1772455&view=rev
Log:
Updated Markdown code to the dev guidelines page - part 3
Modified:
httpd/site/trunk/content/dev/guidelines.mdtext
Modified: httpd/site/trunk/content/dev/guidelines.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/dev/guidelines.mdtext?rev=1772455&r1=1772454&r2=1772455&view=diff
==============================================================================
--- httpd/site/trunk/content/dev/guidelines.mdtext (original)
+++ httpd/site/trunk/content/dev/guidelines.mdtext Sat Dec 3 11:00:05 2016
@@ -353,11 +353,12 @@ needed).
If the change is related to a bugzilla issue, include the PR number in the
log in the format:
-> PR 1234
+ PR 1234
Security-related changes should start like this:
-> *) SECURITY: CVE-YYYY-NNNN (cve.mitre.org) xxxxx
+ *) SECURITY: CVE-YYYY-NNNN (cve.mitre.org)
+ xxxxx
Most changes are inserted at the top of the CHANGES file. However,
security-related changes should always be at the top of the list of changes
@@ -366,14 +367,12 @@ the top of the file, insert other change
Example CHANGES entries:
-> *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials.
-> [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+ *) SECURITY: CVE-2009-3095 (cve.mitre.org)
+ mod_proxy_ftp: sanity check authn credentials.
+ [Stefan Fritsch <sf fritsch.de>, Joe Orton]
-> *) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
-> and WatchdogMutexPath with a single Mutex directive. Add APIs to
-> simplify setup and user customization of APR proc and global mutexes.
-> (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
-> respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
+ *) SECURITY: CVE-2016-1546 (cve.mitre.org)
+ mod_http2: restricting number of concurrent stream workers per connection if client is slow.
# Committing Security Fixes
@@ -418,8 +417,8 @@ that message.
The patch should be created by using the `diff -u` command from
the original software file(s) to the modified software file(s). E.g. one of the following:
-> ` diff -u http_main.c.orig http_main.c >> patchfile.txt`
-> `svn diff http_main.c >> patchfile.txt`
+* `diff -u http_main.c.orig http_main.c >> patchfile.txt`
+* `svn diff http_main.c >> patchfile.txt`
All patches necessary to address an action item should be concatenated
within a single patch message. If later modification of the patch proves
@@ -428,9 +427,7 @@ difference between two patches. The STAT
updated to point to the new patch message.
The completed patchfile should produce no errors or prompts when the
-following command is issued in the target repository:
-
-> `patch -s < patchfile`
+following command is issued in the target repository: `patch -s < patchfile`
# Addendum #