You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mj...@apache.org on 2012/06/15 10:22:28 UTC
svn commit: r1350521 -
/httpd/site/trunk/content/security/vulnerabilities_22.mdtext
Author: mjc
Date: Fri Jun 15 08:22:28 2012
New Revision: 1350521
URL: http://svn.apache.org/viewvc?rev=1350521&view=rev
Log:
Fidling
Modified:
httpd/site/trunk/content/security/vulnerabilities_22.mdtext
Modified: httpd/site/trunk/content/security/vulnerabilities_22.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/vulnerabilities_22.mdtext?rev=1350521&r1=1350520&r2=1350521&view=diff
==============================================================================
--- httpd/site/trunk/content/security/vulnerabilities_22.mdtext (original)
+++ httpd/site/trunk/content/security/vulnerabilities_22.mdtext Fri Jun 15 08:22:28 2012
@@ -36,18 +36,19 @@ vulnerabilities to the [Security Team](/
# Fixed in Apache httpd 2.2.22 # {#2.2.22}
## low: mod_setenvif.htaccess privilege escalation [CVE-2011-3607](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607) {#CVE-2011-3607}
-: An integer overflow flaw was found which, when the mod_setenvif module is
- enabled, could allow local users to gain privileges via a.htaccess file.
- Acknowldegements: This issue was reported by halfdog
+An integer overflow flaw was found which, when the mod_setenvif module is
+enabled, could allow local users to gain privileges via a.htaccess file.
- Reported to security team: 4th October 2011
+Acknowledgements: This issue was reported by halfdog
- Issue public: 2nd November 2011
+Reported to security team: 4th October 2011
- Update Released: 31st January 2012
+Issue public: 2nd November 2011
- Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0
+Update Released: 31st January 2012
+
+Affected: 2.2.21, 2.2.20, 2.2.19, 2.2.18, 2.2.17, 2.2.16, 2.2.15, 2.2.14, 2.2.13, 2.2.12, 2.2.11, 2.2.10, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0
## low: <name name="CVE-2012-0021">mod_log_config crash</name>
[CVE-2012-0021](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021)