You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bu...@apache.org on 2016/12/20 23:48:35 UTC
svn commit: r1003211 - in /websites/staging/httpd/trunk/content: ./
security/vulnerabilities-httpd.xml security/vulnerabilities_24.html
Author: buildbot
Date: Tue Dec 20 23:48:35 2016
New Revision: 1003211
Log:
Staging update by buildbot for httpd
Modified:
websites/staging/httpd/trunk/content/ (props changed)
websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml
websites/staging/httpd/trunk/content/security/vulnerabilities_24.html
Propchange: websites/staging/httpd/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Tue Dec 20 23:48:35 2016
@@ -1 +1 @@
-1775361
+1775362
Modified: websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities-httpd.xml Tue Dec 20 23:48:35 2016
@@ -194,7 +194,7 @@ We would like to thank Maksim Malyutin f
modes of operation (AES256-CBC by default), hence no selectable or builtin
authenticated encryption.
This made it vulnerable to padding oracle attacks, particularly with CBC.
- An authententication tag (SipHash MAC) is now added to prevent such attacks.
+ An authentication tag (SipHash MAC) is now added to prevent such attacks.
</p></description>
<acknowledgements>
We would like to thank Alexander Neumann of RedTeam Pentesting for reporting
Modified: websites/staging/httpd/trunk/content/security/vulnerabilities_24.html
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities_24.html (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities_24.html Tue Dec 20 23:48:35 2016
@@ -207,7 +207,7 @@ We would like to thank Maksim Malyutin f
modes of operation (AES256-CBC by default), hence no selectable or builtin
authenticated encryption.
This made it vulnerable to padding oracle attacks, particularly with CBC.
- An authententication tag (SipHash MAC) is now added to prevent such attacks.
+ An authentication tag (SipHash MAC) is now added to prevent such attacks.
</p>
</dd>
<dd>