You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by "tj@apache.org" <tj...@apache.org> on 2011/11/11 22:14:17 UTC
Problem showing on main ASF page
http://www.apache.org/
is showing a garbled announcement for the Tika project. The top version
is fine, but another, further down (just above the Tomcat CVE), is trashed.
In particular, the date line shows garbles where em-dashes should be.
(Not to mention the headline.) I have seen similar garbles on the web
pages of the AOOo podling. I have looked at the SVN content of one of
these, using the "view" link provided by the commit notice, and the
content itself looks okay, although the commit notice shows the garbles.
The problem is with UTF-8 translation somewhere. Using the UTF-8 rules
for multi-byte encoding, the garbles decode into the expected characters.
If I knew enough to file an issue, I would. --/tj/
====== scraped off the web page:
=?utf-8?B?VGhlIEFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIEFubm91bmNlcyBBcGFj?=
=?utf-8?B?aGUgVGlrYeKEoiB2MS4wIA==?=
[this announcement is also available online at http://s.apache.org/N0I]
Standards-based, Content and Metadata Detection and Analysis Toolkit
Powers Large-scale, Multi-lingual,
Multi-format Repositories at Adobe, the Internet Archive, NASA Jet
Propulsion Laboratory,
and more.
9 November 2011 âFOREST HILL, MDâ The Apache Software Foundation
(ASF), the all-volunteer
developers, stewards, and incubators of...
[SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via
Manager app
Re: Problem showing on main ASF page
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
On Sunday, November 13, 2011 5:11 PM, "tj@apache.org" <tj...@apache.org> wrote:
> Daniel,
>
> On 11/13/2011 15:32, Daniel Shahaf wrote:
> > Would have been useful if you noted the date/time you saw the site, the
> > revision of ^/infrastructure/trunk/site at the time, or took
> > a screenshot. The site regenerates hourly.
> >
> You may assume from the date line on my email that the problem was
> occurring then. Actually, the problem is still visible *now*. The
> security item has moved off the bottom of the list, but the pied item is
> still visible as the last item.
>
> I have no idea how to find the revision level; I have no SVN fu.
>
Go to https://svn.apache.org/repos/infra/websites/production/www and
note the revnum at the end of the page.
> Screenshots I can do. I will attach them (and a copy of the whole page)
> for the benefit of the mbox developers. (If anybody else has a use for
> them, just ask.) But they (and the subject line) are only part of the
> problem.
>
> > Anyway, the subject line contains a ™ character, which had gotten
> > encoded, was not decoded by mod_mbox (aka mail-archives.apache.org the
> > software behind), and the CMS stuff just took it literally.
> >
> Please note the garbled em-dashes in the announcement date line. I have
> seen very similar garbles where mbox is not at all involved. I suggest
> that there is another problem, elsewhere.
>
Can't reproduce. The ™ in the subject link and the em dashes in the
body display fine here.
> > I suggest you follow up with the mod_mbox developers
> > (http://httpd.apache.org/mod_mbox/) about the mod_mbox bug.
>
> Will do. (Well, will try.)
>
Good luck
> > I'll
> > follow up with press@ to advise them not to use UTF-8 in subjects until
> > the bug is fixed.
> >
> > Thanks for the report.
>
> Welcome. It's very frustrating to still have the system programmer's eye
> for things out of place, but not have the "hands" (tools and fu) to fix
> them myself. --/tj/
I'm sure mod_mbox devs would appreciate extra eyes/hands on the bugfix.
> >
> > tj@apache.org wrote on Fri, Nov 11, 2011 at 16:14:17 -0500:
> >> http://www.apache.org/
> >>
> >> is showing a garbled announcement for the Tika project. The top
> >> version is fine, but another, further down (just above the Tomcat
> >> CVE), is trashed.
> >>
> >> In particular, the date line shows garbles where em-dashes should
> >> be. (Not to mention the headline.) I have seen similar garbles on
> >> the web pages of the AOOo podling. I have looked at the SVN content
> >> of one of these, using the "view" link provided by the commit
> >> notice, and the content itself looks okay, although the commit
> >> notice shows the garbles.
> >>
> >> The problem is with UTF-8 translation somewhere. Using the UTF-8
> >> rules for multi-byte encoding, the garbles decode into the expected
> >> characters.
> >>
> >> If I knew enough to file an issue, I would. --/tj/
> >>
> >> ====== scraped off the web page:
> >> =?utf-8?B?VGhlIEFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIEFubm91bmNlcyBBcGFj?=
> >> =?utf-8?B?aGUgVGlrYeKEoiB2MS4wIA==?=
> >>
> >> [this announcement is also available online at http://s.apache.org/N0I]
> >>
> >> Standards-based, Content and Metadata Detection and Analysis Toolkit
> >> Powers Large-scale, Multi-lingual,
> >> Multi-format Repositories at Adobe, the Internet Archive, NASA Jet
> >> Propulsion Laboratory,
> >> and more.
> >>
> >> 9 November 2011 âFOREST HILL, MDâ The Apache Software Foundation
> >> (ASF), the all-volunteer
> >> developers, stewards, and incubators of...
> >>
> >> [SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via
> >> Manager app
> >>
> >
> >
>
>
>
Re: Problem showing on main ASF page
Posted by "tj@apache.org" <tj...@apache.org>.
Daniel,
On 11/13/2011 15:32, Daniel Shahaf wrote:
> Would have been useful if you noted the date/time you saw the site, the
> revision of ^/infrastructure/trunk/site at the time, or took
> a screenshot. The site regenerates hourly.
>
You may assume from the date line on my email that the problem was
occurring then. Actually, the problem is still visible *now*. The
security item has moved off the bottom of the list, but the pied item is
still visible as the last item.
I have no idea how to find the revision level; I have no SVN fu.
Screenshots I can do. I will attach them (and a copy of the whole page)
for the benefit of the mbox developers. (If anybody else has a use for
them, just ask.) But they (and the subject line) are only part of the
problem.
> Anyway, the subject line contains a ™ character, which had gotten
> encoded, was not decoded by mod_mbox (aka mail-archives.apache.org the
> software behind), and the CMS stuff just took it literally.
>
Please note the garbled em-dashes in the announcement date line. I have
seen very similar garbles where mbox is not at all involved. I suggest
that there is another problem, elsewhere.
> I suggest you follow up with the mod_mbox developers
> (http://httpd.apache.org/mod_mbox/) about the mod_mbox bug.
Will do. (Well, will try.)
> I'll
> follow up with press@ to advise them not to use UTF-8 in subjects until
> the bug is fixed.
>
> Thanks for the report.
Welcome. It's very frustrating to still have the system programmer's eye
for things out of place, but not have the "hands" (tools and fu) to fix
them myself. --/tj/
>
> tj@apache.org wrote on Fri, Nov 11, 2011 at 16:14:17 -0500:
>> http://www.apache.org/
>>
>> is showing a garbled announcement for the Tika project. The top
>> version is fine, but another, further down (just above the Tomcat
>> CVE), is trashed.
>>
>> In particular, the date line shows garbles where em-dashes should
>> be. (Not to mention the headline.) I have seen similar garbles on
>> the web pages of the AOOo podling. I have looked at the SVN content
>> of one of these, using the "view" link provided by the commit
>> notice, and the content itself looks okay, although the commit
>> notice shows the garbles.
>>
>> The problem is with UTF-8 translation somewhere. Using the UTF-8
>> rules for multi-byte encoding, the garbles decode into the expected
>> characters.
>>
>> If I knew enough to file an issue, I would. --/tj/
>>
>> ====== scraped off the web page:
>> =?utf-8?B?VGhlIEFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIEFubm91bmNlcyBBcGFj?=
>> =?utf-8?B?aGUgVGlrYeKEoiB2MS4wIA==?=
>>
>> [this announcement is also available online at http://s.apache.org/N0I]
>>
>> Standards-based, Content and Metadata Detection and Analysis Toolkit
>> Powers Large-scale, Multi-lingual,
>> Multi-format Repositories at Adobe, the Internet Archive, NASA Jet
>> Propulsion Laboratory,
>> and more.
>>
>> 9 November 2011 âFOREST HILL, MDâ The Apache Software Foundation
>> (ASF), the all-volunteer
>> developers, stewards, and incubators of...
>>
>> [SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via
>> Manager app
>>
>
>
Re: Problem showing on main ASF page
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Would have been useful if you noted the date/time you saw the site, the
revision of ^/infrastructure/trunk/site at the time, or took
a screenshot. The site regenerates hourly.
Anyway, the subject line contains a ™ character, which had gotten
encoded, was not decoded by mod_mbox (aka mail-archives.apache.org the
software behind), and the CMS stuff just took it literally.
I suggest you follow up with the mod_mbox developers
(http://httpd.apache.org/mod_mbox/) about the mod_mbox bug. I'll
follow up with press@ to advise them not to use UTF-8 in subjects until
the bug is fixed.
Thanks for the report.
tj@apache.org wrote on Fri, Nov 11, 2011 at 16:14:17 -0500:
> http://www.apache.org/
>
> is showing a garbled announcement for the Tika project. The top
> version is fine, but another, further down (just above the Tomcat
> CVE), is trashed.
>
> In particular, the date line shows garbles where em-dashes should
> be. (Not to mention the headline.) I have seen similar garbles on
> the web pages of the AOOo podling. I have looked at the SVN content
> of one of these, using the "view" link provided by the commit
> notice, and the content itself looks okay, although the commit
> notice shows the garbles.
>
> The problem is with UTF-8 translation somewhere. Using the UTF-8
> rules for multi-byte encoding, the garbles decode into the expected
> characters.
>
> If I knew enough to file an issue, I would. --/tj/
>
> ====== scraped off the web page:
> =?utf-8?B?VGhlIEFwYWNoZSBTb2Z0d2FyZSBGb3VuZGF0aW9uIEFubm91bmNlcyBBcGFj?=
> =?utf-8?B?aGUgVGlrYeKEoiB2MS4wIA==?=
>
> [this announcement is also available online at http://s.apache.org/N0I]
>
> Standards-based, Content and Metadata Detection and Analysis Toolkit
> Powers Large-scale, Multi-lingual,
> Multi-format Repositories at Adobe, the Internet Archive, NASA Jet
> Propulsion Laboratory,
> and more.
>
> 9 November 2011 âFOREST HILL, MDâ The Apache Software Foundation
> (ASF), the all-volunteer
> developers, stewards, and incubators of...
>
> [SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via
> Manager app
>