You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2016/12/20 23:48:27 UTC
svn commit: r1775362 -
/httpd/site/trunk/content/security/vulnerabilities-httpd.xml
Author: ylavic
Date: Tue Dec 20 23:48:27 2016
New Revision: 1775362
URL: http://svn.apache.org/viewvc?rev=1775362&view=rev
Log:
Fix typo.
Modified:
httpd/site/trunk/content/security/vulnerabilities-httpd.xml
Modified: httpd/site/trunk/content/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/vulnerabilities-httpd.xml?rev=1775362&r1=1775361&r2=1775362&view=diff
==============================================================================
--- httpd/site/trunk/content/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/content/security/vulnerabilities-httpd.xml Tue Dec 20 23:48:27 2016
@@ -194,7 +194,7 @@ We would like to thank Maksim Malyutin f
modes of operation (AES256-CBC by default), hence no selectable or builtin
authenticated encryption.
This made it vulnerable to padding oracle attacks, particularly with CBC.
- An authententication tag (SipHash MAC) is now added to prevent such attacks.
+ An authentication tag (SipHash MAC) is now added to prevent such attacks.
</p></description>
<acknowledgements>
We would like to thank Alexander Neumann of RedTeam Pentesting for reporting