You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mj...@apache.org on 2009/07/28 19:57:08 UTC
svn commit: r798621 - in /httpd/site/trunk:
docs/security/vulnerabilities-oval.xml docs/security/vulnerabilities_22.html
xdocs/security/vulnerabilities-httpd.xml
Author: mjc
Date: Tue Jul 28 17:57:07 2009
New Revision: 798621
URL: http://svn.apache.org/viewvc?rev=798621&view=rev
Log:
2.2.12 is out
Modified:
httpd/site/trunk/docs/security/vulnerabilities-oval.xml
httpd/site/trunk/docs/security/vulnerabilities_22.html
httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
Modified: httpd/site/trunk/docs/security/vulnerabilities-oval.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities-oval.xml?rev=798621&r1=798620&r2=798621&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities-oval.xml (original)
+++ httpd/site/trunk/docs/security/vulnerabilities-oval.xml Tue Jul 28 17:57:07 2009
@@ -20,7 +20,7 @@
<apache_httpd_repository>
<public>20090424</public>
<reported/>
-<released/>
+<released>200900727</released>
<severity level="3">moderate</severity>
</apache_httpd_repository>
</metadata>
@@ -52,7 +52,7 @@
<apache_httpd_repository>
<public>20090601</public>
<reported/>
-<released/>
+<released>20090727</released>
<severity level="3">moderate</severity>
</apache_httpd_repository>
</metadata>
@@ -84,7 +84,7 @@
<apache_httpd_repository>
<public>20090626</public>
<reported>20090626</reported>
-<released/>
+<released>20090727</released>
<severity level="4">low</severity>
</apache_httpd_repository>
</metadata>
@@ -114,7 +114,7 @@
<apache_httpd_repository>
<public>20090702</public>
<reported>20090630</reported>
-<released/>
+<released>20090727</released>
<severity level="2">important</severity>
</apache_httpd_repository>
</metadata>
@@ -145,7 +145,7 @@
<apache_httpd_repository>
<public>20090422</public>
<reported>20090309</reported>
-<released/>
+<released>20090727</released>
<severity level="4">low</severity>
</apache_httpd_repository>
</metadata>
@@ -176,7 +176,7 @@
<apache_httpd_repository>
<public>20090421</public>
<reported>20090305</reported>
-<released/>
+<released>20090727</released>
<severity level="2">important</severity>
</apache_httpd_repository>
</metadata>
@@ -200,7 +200,7 @@
<apache_httpd_repository>
<public>20090601</public>
<reported/>
-<released/>
+<released>20090727</released>
<severity level="3">moderate</severity>
</apache_httpd_repository>
</metadata>
Modified: httpd/site/trunk/docs/security/vulnerabilities_22.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_22.html?rev=798621&r1=798620&r2=798621&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] Tue Jul 28 17:57:07 2009
@@ -87,7 +87,7 @@
<tr>
<td bgcolor="#525D76">
<font color="#ffffff" face="arial,helvetica,sanserif">
- <a name="2.2.12-dev"><strong>Fixed in Apache httpd 2.2.12-dev</strong></a>
+ <a name="2.2.12"><strong>Fixed in Apache httpd 2.2.12</strong></a>
</font>
</td>
</tr>
@@ -106,7 +106,9 @@
force a proxy process to consume large amounts of CPU time.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
@@ -124,7 +126,9 @@
could return a response intended for another user.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11<p />
@@ -143,7 +147,9 @@
to consume large amounts of CPU if mod_deflate was enabled for a large
file.</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
@@ -161,7 +167,9 @@
from executing commands from a Server-Side-Include script as intended.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
@@ -181,7 +189,9 @@
or a denial of service.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 72th 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
@@ -200,7 +210,9 @@
engine.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
@@ -219,7 +231,9 @@
processed by the pattern preparation engine.
</p>
</dd>
-<dd />
+<dd>
+ Update Released: 27th July 2009<br />
+</dd>
<dd>
Affects:
2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=798621&r1=798620&r2=798621&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] Tue Jul 28 17:57:07 2009
@@ -1,6 +1,6 @@
<security updated="20090709">
-<issue fixed="2.2.12-dev" public="20090424" released="">
+<issue fixed="2.2.12" public="20090424" released="200900727">
<cve name="CVE-2009-1956"/>
<severity level="3">moderate</severity>
<title>APR-util off-by-one overflow</title>
@@ -23,7 +23,7 @@
<affects prod="httpd" version="2.2.0"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090601" released="">
+<issue fixed="2.2.12" public="20090601" released="20090727">
<cve name="CVE-2009-1955"/>
<severity level="3">moderate</severity>
<title>APR-util XML DoS</title>
@@ -45,7 +45,7 @@
<affects prod="httpd" version="2.2.0"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090626" reported="20090626" released="">
+<issue fixed="2.2.12" public="20090626" reported="20090626" released="20090727">
<cve name="CVE-2009-1891"/>
<severity level="4">low</severity>
<cvss>2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P</cvss>
@@ -68,7 +68,7 @@
<affects prod="httpd" version="2.2.0"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090702" reported="20090630" released="">
+<issue fixed="2.2.12" public="20090702" reported="20090630" released="20090727">
<cve name="CVE-2009-1890"/>
<severity level="2">important</severity>
<cvss>7.8/AV:N/AC:L/Au:N/C:N/I:N/A:C</cvss>
@@ -89,7 +89,7 @@
<affects prod="httpd" version="2.2.0"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090422" reported="20090309" released="">
+<issue fixed="2.2.12" public="20090422" reported="20090309" released="20090727">
<cve name="CVE-2009-1195"/>
<severity level="4">low</severity>
<cvss>4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P</cvss>
@@ -111,7 +111,7 @@
<affects prod="httpd" version="2.2.0"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090421" reported="20090305" released="">
+<issue fixed="2.2.12" public="20090421" reported="20090305" released="20090727">
<cve name="CVE-2009-1191"/>
<severity level="2">important</severity>
<cvss>5/AV:N/AC:L/Au:N/C:P/I:N/A:N</cvss>
@@ -125,7 +125,7 @@
<affects prod="httpd" version="2.2.11"/>
</issue>
-<issue fixed="2.2.12-dev" public="20090601" released="">
+<issue fixed="2.2.12" public="20090601" released="20090727">
<cve name="CVE-2009-0023"/>
<severity level="3">moderate</severity>
<title>APR-util heap underwrite</title>