You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by bu...@apache.org on 2013/10/09 07:35:22 UTC
svn commit: r881801 - in /websites/staging/sling/trunk/content: ./
project-information/security.html site/.htaccess site/security.html
Author: buildbot
Date: Wed Oct 9 05:35:22 2013
New Revision: 881801
Log:
Staging update by buildbot for sling
Removed:
websites/staging/sling/trunk/content/site/security.html
Modified:
websites/staging/sling/trunk/content/ (props changed)
websites/staging/sling/trunk/content/project-information/security.html
websites/staging/sling/trunk/content/site/.htaccess
Propchange: websites/staging/sling/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Oct 9 05:35:22 2013
@@ -1 +1 @@
-1530400
+1530496
Modified: websites/staging/sling/trunk/content/project-information/security.html
==============================================================================
--- websites/staging/sling/trunk/content/project-information/security.html (original)
+++ websites/staging/sling/trunk/content/project-information/security.html Wed Oct 9 05:35:22 2013
@@ -83,11 +83,6 @@
</div>
- <div class="tip">
- This page is a translated version of <a href="/site/security.html" target="sling_cwiki">/site/security.html</a>. In case of
- doubt you might want to refer to the old page.
- </div>
-
<h1>Security</h1>
<h1 id="reporting-new-security-problems-with-apache-sling">Reporting New Security Problems with Apache Sling</h1>
@@ -105,11 +100,16 @@
<p>should be addressed to our public users mailing list. Please see the <a href="/project-information.html">Project Information</a> page for details of how to subscribe.</p>
<p>The private security mailing address is: security(at)sling.apache.org.</p>
<p>Note that all networked servers are subject to denial of service attacks, and we cannot promise magic workarounds to generic problems (such as a client streaming lots of data to your server, or re-requesting the same URL repeatedly). In general our philosophy is to avoid any attacks which can cause the server to consume resources in a non-linear relationship to the size of inputs.</p>
-<p>For more information on handling security issues at the Apache Software Foundation please refer to the <a href="http://www.apache.org/security/">ASF Security Team</a> page.</p>
+<p>For more information on handling security issues at the Apache Software Foundation please refer to the <a href="http://www.apache.org/security/">ASF Security Team</a> page and to the <a href="http://www.apache.org/security/committers.html">security process description for committers</a>.</p>
<h1 id="errors-and-omissions">Errors and omissions</h1>
<p>Please report any errors or omissions to security(at)sling.apache.org.</p>
+<h1 id="previously-reported-security-issues">Previously reported security issues</h1>
+<ul>
+<li>CVE-2012-2138 - Apache Sling denial of service vulnerability (July 6th, 2012), see <a href="http://s.apache.org/CVE-2012-2138">http://s.apache.org/CVE-2012-2138</a></li>
+<li>CVE-2013-2254 - Apache Sling denial of service vulnerability (October 9th, 2013), see <a href="http://s.apache.org/CVE-2013-2254">http://s.apache.org/CVE-2013-2254</a></li>
+</ul>
<div class="timestamp" style="margin-top: 30px; font-size: 80%; text-align: right;">
- Rev. 1499238 by fmeschbe on Wed, 3 Jul 2013 07:39:54 +0000
+ Rev. 1530496 by cziegeler on Wed, 9 Oct 2013 05:34:46 +0000
</div>
<div class="trademarkFooter">
Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project
Modified: websites/staging/sling/trunk/content/site/.htaccess
==============================================================================
--- websites/staging/sling/trunk/content/site/.htaccess (original)
+++ websites/staging/sling/trunk/content/site/.htaccess Wed Oct 9 05:35:22 2013
@@ -62,4 +62,5 @@ Redirect Permanent /site/bundle-resource
Redirect Permanent /site/client-request-logging.html /documentation/development/client-request-logging.html
Redirect Permanent /site/assembly.html /old-stuff/assembly.html
Redirect Permanent /site/media.html /
-Redirect Permanent /site/plugins.html /
\ No newline at end of file
+Redirect Permanent /site/plugins.html /
+Redirect Permanent /site/security.html /project-information/security.html