You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2012/04/23 13:21:13 UTC
svn commit: r1329187 - in /httpd/site/trunk/xdocs: download.xml
mod_fcgid/index.en.xml
Author: trawick
Date: Mon Apr 23 11:21:13 2012
New Revision: 1329187
URL: http://svn.apache.org/viewvc?rev=1329187&view=rev
Log:
Announcing mod_fcgid 2.3.7...
Modified:
httpd/site/trunk/xdocs/download.xml
httpd/site/trunk/xdocs/mod_fcgid/index.en.xml
Modified: httpd/site/trunk/xdocs/download.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/download.xml?rev=1329187&r1=1329186&r2=1329187&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/download.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/download.xml [utf-8] Mon Apr 23 11:21:13 2012
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0"?>
<document>
<properties>
<author email="docs@httpd.apache.org">Documentation Group</author>
@@ -254,66 +254,43 @@ fixes a few potential security vulnerabi
</section>
<section id="mod_fcgid" date="2010-11-06"><title>Apache mod_fcgid FastCGI module
-for Apache HTTP Server released as 2.3.6</title>
+for Apache HTTP Server released as 2.3.7</title>
<p>
The Apache Software Foundation and the Apache HTTP Server Project are
- pleased to announce the release of version 2.3.6 of mod_fcgid, a
+ pleased to announce the release of version 2.3.7 of mod_fcgid, a
FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and
future 2.4. This version of mod_fcgid is a bug fix release.
</p>
-<p>
- A fix is included for CVE-2010-3872, a potential vulnerability which
- can affect sites with untrusted FastCGI applications.
-</p>
-
-<p>
- Additionally, default configuration settings for request body handling
- have been changed to prevent large system resource use. Administrators
- of all versions of mod_fcgid are strongly cautioned to ensure that
- FcgidMaxRequestLen is configured appropriately.
-</p>
-
<p>For information about this module subproject, see the <a
href="http://httpd.apache.org/mod_fcgid/">mod_fcgid module project page</a>.</p>
<ul>
<li>Unix Source as gzip with LF line endings:
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz">mod_fcgid-2.3.6.tar.gz</a>
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz">mod_fcgid-2.3.7.tar.gz</a>
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.sha1">SHA1</a>]
</li>
<li>Unix Source as bz2 with LF line endings:
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2">mod_fcgid-2.3.6.tar.bz2</a>
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2">mod_fcgid-2.3.7.tar.bz2</a>
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.sha1">SHA1</a>]
</li>
<li>Win32, Netware or OS/2 Source with CR/LF line endings:
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip"
- >mod_fcgid-2.3.6-crlf.zip</a>
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.sha1">SHA1</a>]
-</li>
-
-<li>Win32 binary build (unzip over the installed Apache 2.2 directory):
-<a href="[preferred]/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip"
- >mod_fcgid-2.3.6-win32-x86.zip</a>
-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip"
+ >mod_fcgid-2.3.7-crlf.zip</a>
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.sha1">SHA1</a>]
</li>
</ul>
-<p>A patch is available <a href="[preferred]/httpd/mod_fcgid/patches/apply_to_2.3.6/">here</a>
-for a regression in this release. The patch has not been applied to the Windows binaries.</p>
-
</section>
<section id="mod_ftp" date="2008-10-08"><title>Apache FTP module for Apache
@@ -396,8 +373,7 @@ using</p>
<li>httpd-2.0.64.tar.* are signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
<li>httpd-2.2.22-win32-src.zip, .msi, and -netware/-sdk files signed by William A Rowe Jr <code>B55D9977(60C5442D)</code></li>
<li>httpd-2.0.64-win32-src.zip and .msi signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
-<li>mod_fcgid-2.3.6.tar.* and mod_fcgid-2.3.6-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
-<li>mod_fcgid-2.3.6-win32-x86.zip is signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
+<li>mod_fcgid-2.3.7.tar.* and mod_fcgid-2.3.7-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
<li>mod_ftp-0.9.6-beta* are signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
</ul>
Modified: httpd/site/trunk/xdocs/mod_fcgid/index.en.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/mod_fcgid/index.en.xml?rev=1329187&r1=1329186&r2=1329187&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] Mon Apr 23 11:21:13 2012
@@ -18,30 +18,18 @@
</p>
</section>
-<section date="2010-11-06">
- <title>mod_fcgid 2.3.6 released</title>
+<section date="2012-04-23">
+ <title>mod_fcgid 2.3.7 released</title>
<p>
The Apache Software Foundation and the Apache HTTP Server Project are
- pleased to announce the release of version 2.3.6 of mod_fcgid, a
+ pleased to announce the release of version 2.3.7 of mod_fcgid, a
FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and
- future 2.4. This version of mod_fcgid is a bug fix release.
-</p>
-
-<p>
- A fix is included for CVE-2010-3872, a potential vulnerability which
- can affect sites with untrusted FastCGI applications.
-</p>
-
-<p>
- Additionally, default configuration settings for request body handling
- have been changed to prevent large system resource use. Administrators
- of all versions of mod_fcgid are strongly cautioned to ensure that
- FcgidMaxRequestLen is configured appropriately.
+ 2.4. This version of mod_fcgid is a bug fix release.
</p>
<p>
- You can get the source and Windows binaries from
+ You can get the source from
<a href="http://httpd.apache.org/download.cgi#mod_fcgid"
>your local mirror</a>
</p>
Re: svn commit: r1329187 - in /httpd/site/trunk/xdocs: download.xml
mod_fcgid/index.en.xml
Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.
On 4/23/2012 7:29 AM, Jeff Trawick wrote:
> On Mon, Apr 23, 2012 at 7:21 AM, <tr...@apache.org> wrote:
>> Author: trawick
>> Date: Mon Apr 23 11:21:13 2012
>> New Revision: 1329187
>>
>> URL: http://svn.apache.org/viewvc?rev=1329187&view=rev
>> Log:
>> Announcing mod_fcgid 2.3.7...
>
> BTW Bill, any plans to create Windows binaries (2.2? 2.4?)? We would
> then restore+edit some text removed with this commit.
I only just finished restoring my VC6 environment over the weekend, so yes,
I can be doing that in the coming day or two. In the future, just whack
the applicable (stale) sections with <!-- comments --> so I can get them
back more trivially.
2.4, still involves wix and setting up packages that cleanly upgrade. It's
been over a decade, so it's long past time. Plus the bug resolution. Looks
like 2.4 will be right in step with 2.2, which I don't consider a bad thing,
in terms of full and proper windows behaviors.
Re: svn commit: r1329187 - in /httpd/site/trunk/xdocs: download.xml mod_fcgid/index.en.xml
Posted by Jeff Trawick <tr...@gmail.com>.
On Mon, Apr 23, 2012 at 7:21 AM, <tr...@apache.org> wrote:
> Author: trawick
> Date: Mon Apr 23 11:21:13 2012
> New Revision: 1329187
>
> URL: http://svn.apache.org/viewvc?rev=1329187&view=rev
> Log:
> Announcing mod_fcgid 2.3.7...
BTW Bill, any plans to create Windows binaries (2.2? 2.4?)? We would
then restore+edit some text removed with this commit.
>
> Modified:
> httpd/site/trunk/xdocs/download.xml
> httpd/site/trunk/xdocs/mod_fcgid/index.en.xml
>
> Modified: httpd/site/trunk/xdocs/download.xml
> URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/download.xml?rev=1329187&r1=1329186&r2=1329187&view=diff
> ==============================================================================
> --- httpd/site/trunk/xdocs/download.xml [utf-8] (original)
> +++ httpd/site/trunk/xdocs/download.xml [utf-8] Mon Apr 23 11:21:13 2012
> @@ -1,4 +1,4 @@
> -<?xml version="1.0"?>
> +<?xml version="1.0"?>
> <document>
> <properties>
> <author email="docs@httpd.apache.org">Documentation Group</author>
> @@ -254,66 +254,43 @@ fixes a few potential security vulnerabi
> </section>
>
> <section id="mod_fcgid" date="2010-11-06"><title>Apache mod_fcgid FastCGI module
> -for Apache HTTP Server released as 2.3.6</title>
> +for Apache HTTP Server released as 2.3.7</title>
>
> <p>
> The Apache Software Foundation and the Apache HTTP Server Project are
> - pleased to announce the release of version 2.3.6 of mod_fcgid, a
> + pleased to announce the release of version 2.3.7 of mod_fcgid, a
> FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and
> future 2.4. This version of mod_fcgid is a bug fix release.
> </p>
>
> -<p>
> - A fix is included for CVE-2010-3872, a potential vulnerability which
> - can affect sites with untrusted FastCGI applications.
> -</p>
> -
> -<p>
> - Additionally, default configuration settings for request body handling
> - have been changed to prevent large system resource use. Administrators
> - of all versions of mod_fcgid are strongly cautioned to ensure that
> - FcgidMaxRequestLen is configured appropriately.
> -</p>
> -
> <p>For information about this module subproject, see the <a
> href="http://httpd.apache.org/mod_fcgid/">mod_fcgid module project page</a>.</p>
>
> <ul>
> <li>Unix Source as gzip with LF line endings:
> -<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz">mod_fcgid-2.3.6.tar.gz</a>
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.asc">PGP</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.md5">MD5</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.sha1">SHA1</a>]
> +<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz">mod_fcgid-2.3.7.tar.gz</a>
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.asc">PGP</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.md5">MD5</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.sha1">SHA1</a>]
> </li>
>
> <li>Unix Source as bz2 with LF line endings:
> -<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2">mod_fcgid-2.3.6.tar.bz2</a>
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.asc">PGP</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.md5">MD5</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.sha1">SHA1</a>]
> +<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2">mod_fcgid-2.3.7.tar.bz2</a>
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.asc">PGP</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.md5">MD5</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.sha1">SHA1</a>]
> </li>
>
> <li>Win32, Netware or OS/2 Source with CR/LF line endings:
> -<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip"
> - >mod_fcgid-2.3.6-crlf.zip</a>
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.asc">PGP</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.md5">MD5</a>]
> -[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.sha1">SHA1</a>]
> -</li>
> -
> -<li>Win32 binary build (unzip over the installed Apache 2.2 directory):
> -<a href="[preferred]/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip"
> - >mod_fcgid-2.3.6-win32-x86.zip</a>
> -[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.asc">PGP</a>]
> -[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.md5">MD5</a>]
> -[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.sha1">SHA1</a>]
> +<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip"
> + >mod_fcgid-2.3.7-crlf.zip</a>
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.asc">PGP</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.md5">MD5</a>]
> +[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.sha1">SHA1</a>]
> </li>
>
> </ul>
>
> -<p>A patch is available <a href="[preferred]/httpd/mod_fcgid/patches/apply_to_2.3.6/">here</a>
> -for a regression in this release. The patch has not been applied to the Windows binaries.</p>
> -
> </section>
>
> <section id="mod_ftp" date="2008-10-08"><title>Apache FTP module for Apache
> @@ -396,8 +373,7 @@ using</p>
> <li>httpd-2.0.64.tar.* are signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
> <li>httpd-2.2.22-win32-src.zip, .msi, and -netware/-sdk files signed by William A Rowe Jr <code>B55D9977(60C5442D)</code></li>
> <li>httpd-2.0.64-win32-src.zip and .msi signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
> -<li>mod_fcgid-2.3.6.tar.* and mod_fcgid-2.3.6-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
> -<li>mod_fcgid-2.3.6-win32-x86.zip is signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
> +<li>mod_fcgid-2.3.7.tar.* and mod_fcgid-2.3.7-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
> <li>mod_ftp-0.9.6-beta* are signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
> </ul>
>
>
> Modified: httpd/site/trunk/xdocs/mod_fcgid/index.en.xml
> URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/mod_fcgid/index.en.xml?rev=1329187&r1=1329186&r2=1329187&view=diff
> ==============================================================================
> --- httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] (original)
> +++ httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] Mon Apr 23 11:21:13 2012
> @@ -18,30 +18,18 @@
> </p>
> </section>
>
> -<section date="2010-11-06">
> - <title>mod_fcgid 2.3.6 released</title>
> +<section date="2012-04-23">
> + <title>mod_fcgid 2.3.7 released</title>
>
> <p>
> The Apache Software Foundation and the Apache HTTP Server Project are
> - pleased to announce the release of version 2.3.6 of mod_fcgid, a
> + pleased to announce the release of version 2.3.7 of mod_fcgid, a
> FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and
> - future 2.4. This version of mod_fcgid is a bug fix release.
> -</p>
> -
> -<p>
> - A fix is included for CVE-2010-3872, a potential vulnerability which
> - can affect sites with untrusted FastCGI applications.
> -</p>
> -
> -<p>
> - Additionally, default configuration settings for request body handling
> - have been changed to prevent large system resource use. Administrators
> - of all versions of mod_fcgid are strongly cautioned to ensure that
> - FcgidMaxRequestLen is configured appropriately.
> + 2.4. This version of mod_fcgid is a bug fix release.
> </p>
>
> <p>
> - You can get the source and Windows binaries from
> + You can get the source from
> <a href="http://httpd.apache.org/download.cgi#mod_fcgid"
> >your local mirror</a>
> </p>
>
>
--
Born in Roswell... married an alien...
http://emptyhammock.com/