You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2012/05/07 03:25:16 UTC
svn commit: r1334853 - in /httpd/site/trunk/content: info/ mod_mbox/
mod_smtpd/ security/
Author: joes
Date: Mon May 7 01:25:16 2012
New Revision: 1334853
URL: http://svn.apache.org/viewvc?rev=1334853&view=rev
Log:
xforms
Added:
httpd/site/trunk/content/info/index.mdtext
- copied, changed from r1334852, httpd/site/trunk/content/info/index.xml
httpd/site/trunk/content/mod_mbox/ref.mdtext
- copied, changed from r1334852, httpd/site/trunk/content/mod_mbox/ref.xml
httpd/site/trunk/content/mod_smtpd/index.mdtext
- copied, changed from r1334852, httpd/site/trunk/content/mod_smtpd/index.xml
httpd/site/trunk/content/mod_smtpd/install.mdtext
- copied, changed from r1334852, httpd/site/trunk/content/mod_smtpd/install.xml
httpd/site/trunk/content/security/impact_levels.mdtext
- copied, changed from r1334852, httpd/site/trunk/content/security/impact_levels.xml
Removed:
httpd/site/trunk/content/info/index.xml
httpd/site/trunk/content/mod_mbox/ref.xml
httpd/site/trunk/content/mod_smtpd/index.xml
httpd/site/trunk/content/mod_smtpd/install.xml
httpd/site/trunk/content/security/impact_levels.xml
Copied: httpd/site/trunk/content/info/index.mdtext (from r1334852, httpd/site/trunk/content/info/index.xml)
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/info/index.mdtext?p2=httpd/site/trunk/content/info/index.mdtext&p1=httpd/site/trunk/content/info/index.xml&r1=1334852&r2=1334853&rev=1334853&view=diff
==============================================================================
--- httpd/site/trunk/content/info/index.xml (original)
+++ httpd/site/trunk/content/info/index.mdtext Mon May 7 01:25:16 2012
@@ -1,45 +1,44 @@
-<document>
- <properties>
- <author email="docs@httpd.apache.org">Documentation Group</author>
- <title>Apache HTTP Server Miscellaneous Information</title>
- </properties>
-<body>
-
-<section>
-<title>Other Information</title>
-
-<section id="library">
-<title>Project Library</title>
-<p>The <a href="../library/">Project Library</a> contains links to
-various documents and resources relevant to the Apache Web server.</p>
-</section>
-
-<section id="css-security">
-<title>Cross Site Scripting security problem</title>
-<p><a href="css-security/">Information</a> on a security vulnerability resulting from the interaction
-between client-side scripting and server-side dynamic content.</p>
-</section>
-
-<section id="dev">
-<title>Apache HTTP Server Development Site</title>
-<p>The <a href="../dev/">Apache development section</a> includes
-information for Apache developers and folks interested in testing
-development releases of Apache software.</p>
-</section>
-
-<section id="books">
-<title>Apache HTTP Server Books</title>
-<p>list of books written about the Apache HTTP Server can be found on
-<a href="http://www.apachebookstore.com/">www.apachebookstore.com</a></p>
-</section>
-
-<section id="mirror">
-<title>How to mirror</title>
-<p>A <a href="http://www.apache.org/info/how-to-mirror.html">description</a>
-of how to setup your site as an Apache mirror.</p>
-</section>
+Title: Apache HTTP Server Miscellaneous Information
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+# Project Library # {#library}
+
+The [Project Library](../library/) contains links to various documents and
+resources relevant to the Apache Web server.
+
+# Cross Site Scripting security problem # {#css-security}
+
+[Information](css-security/) on a security vulnerability resulting from the
+interaction between client-side scripting and server-side dynamic content.
+
+# Apache HTTP Server Development Site # {#dev}
+
+The [Apache development section](../dev/) includes information for Apache
+developers and folks interested in testing development releases of Apache
+software.
+
+# Apache HTTP Server Books # {#books}
-</section>
+list of books written about the Apache HTTP Server can be found on
+[www.apachebookstore.com](http://www.apachebookstore.com/)
+
+# How to mirror # {#mirror}
+
+A [description](http://www.apache.org/info/how-to-mirror.html) of how to
+setup your site as an Apache mirror.
-</body>
-</document>
Copied: httpd/site/trunk/content/mod_mbox/ref.mdtext (from r1334852, httpd/site/trunk/content/mod_mbox/ref.xml)
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/mod_mbox/ref.mdtext?p2=httpd/site/trunk/content/mod_mbox/ref.mdtext&p1=httpd/site/trunk/content/mod_mbox/ref.xml&r1=1334852&r2=1334853&rev=1334853&view=diff
==============================================================================
--- httpd/site/trunk/content/mod_mbox/ref.xml (original)
+++ httpd/site/trunk/content/mod_mbox/ref.mdtext Mon May 7 01:25:16 2012
@@ -1,132 +1,95 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<document>
- <properties>
- <author email="dev@httpd.apache.org">HTTPd developers</author>
- <title>mod_mbox - Mailing list archives browser</title>
- </properties>
-<body>
-
-<section>
- <title>Reference documentation</title>
- <p>
- In order to run properly, <tt>mod_mbox</tt> needs some
- configuration. Here follows a list and description of all
- configuration directives understood by <tt>mod_mbox</tt>.
- </p>
-</section>
+Title: mod_mbox - Mailing list archives browser
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+# Reference documentation #
+
+In order to run properly, `mod_mbox` needs some configuration. Here follows
+a list and description of all configuration directives understood by
+`mod_mbox`.
-<section>
- <title>MboxIndex Directive</title>
+# MboxIndex Directive #
- <p>Activate <tt>mod_mbox</tt> index.</p>
-
- <pre><code>
+Activate `mod_mbox` index.
+<pre>
MboxIndex On|Off
- </code></pre>
-
- <p>
- Setting this option to <i>On</i> will tell <tt>mod_mbox</tt> to
- handle directory listing. This will display a nice web page with
- mailing list information, links to each month and the message
- count for each mailbox.
- </p>
-
- <p>Default is <i>Off</i></p>
-</section>
+</pre>
+Setting this option to *On* will tell `mod_mbox` to handle directory
+listing. This will display a nice web page with mailing list information,
+links to each month and the message count for each mailbox.
-<section>
- <title>MboxRootPath Directive</title>
+Default is *Off*
- <p>Set archives root directory.</p>
+# MboxRootPath Directive #
- <pre><code>
+Set archives root directory.
+<pre>
MboxRootPath /archives/
- </code></pre>
+</pre>
+Specify the mail archives root directory, relative to webserver's
+`DocumentRoot`. When set, `mod_mbox` will add *Site Index* link on
+generated webpages, letting the user fall back to the list of mailing list
+archives hosted on the server.
- <p>
- Specify the mail archives root directory, relative to webserver's
- <tt>DocumentRoot</tt>. When set, <tt>mod_mbox</tt> will add
- <i>Site Index</i> link on generated webpages, letting the user
- fall back to the list of mailing list archives hosted on the
- server.
- </p>
-</section>
+# MboxStyle Directive #
-<section>
- <title>MboxStyle Directive</title>
-
- <p>Set archives stylesheet file.</p>
-
- <pre><code>
+Set archives stylesheet file.
+<pre>
MboxStyle /archives/style.css
- </code></pre>
-
- <p>
- When set, <tt>mod_mbox</tt> will use this stylesheet file. The
- path is relative to the webserver's <tt>DocumentRoot</tt>. This is
- highly recommended since the dynamic browser won't work as
- expected without a correct stylesheet.
- </p>
-
- <p>
- The ASF's default stylesheet is bundled with <tt>mod_mbox</tt>
- sources and releases. Using it is generally a good start.
- </p>
-</section>
+</pre>
+When set, `mod_mbox` will use this stylesheet file. The path is relative to
+the webserver's `DocumentRoot`. This is highly recommended since the
+dynamic browser won't work as expected without a correct stylesheet.
-<section>
- <title>MboxScript Directive</title>
+The ASF's default stylesheet is bundled with `mod_mbox` sources and
+releases. Using it is generally a good start.
- <p>Set <tt>mod_mbox</tt>'s javascript file.</p>
+# MboxScript Directive #
- <pre><code>
+Set `mod_mbox` 's javascript file.
+<pre>
MboxScript /archives/archives.js
- </code></pre>
+</pre>
+When set, you will be able to use `mod_mbox` 's dynamic browsing interface,
+an AJAX (Asynchronous Javascript and XML) application. A working javascript
+file is bundled with `mod_mbox` , don't forget to copy it if you want to
+use it !
- <p>
- When set, you will be able to use <tt>mod_mbox</tt>'s dynamic
- browsing interface, an AJAX (Asynchronous Javascript and XML)
- application. A working javascript file is bundled with
- <tt>mod_mbox</tt>, don't forget to copy it if you want to use it !
- </p>
-</section>
+# MboxHideEmpty Directive #
-<section>
- <title>MboxHideEmpty Directive</title>
-
- <p>Hide empty mailboxes from index listing.</p>
-
- <pre><code>
+Hide empty mailboxes from index listing.
+<pre>
MboxHideEmpty On|Off
- </code></pre>
-
- <p>
- This directive tells <tt>mod_mbox</tt> to hide empty (with zero
- message) mailboxes from his index listings.
- </p>
+</pre>
+This directive tells `mod_mbox` to hide empty (with zero message) mailboxes
+from his index listings.
- <p>Default is <i>On</i></p>
-</section>
+Default is *On*
-<section>
- <title>MboxAntispam Directive</title>
+# MboxAntispam Directive #
- <p>Enable email obfuscation.</p>
-
- <pre><code>
+Enable email obfuscation.
+<pre>
MboxAntispam On|Off
- </code></pre>
-
- <p>
- This directive tells <tt>mod_mbox</tt> to enable a
- content-destructive email obfuscation, thus avoiding spam to
- mailing list users. For exemple,
- <tt>localpart@localdomain.com</tt> will be converted to
- <tt>localp...@localdomain.com</tt>.
- </p>
+</pre>
+This directive tells `mod_mbox` to enable a content-destructive email
+obfuscation, thus avoiding spam to mailing list users. For exemple,
+`localpart@localdomain.com` will be converted to
+`localp...@localdomain.com`.
- <p>Default is <i>On</i></p>
-</section>
+Default is *On*
-</body>
-</document>
Copied: httpd/site/trunk/content/mod_smtpd/index.mdtext (from r1334852, httpd/site/trunk/content/mod_smtpd/index.xml)
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/mod_smtpd/index.mdtext?p2=httpd/site/trunk/content/mod_smtpd/index.mdtext&p1=httpd/site/trunk/content/mod_smtpd/index.xml&r1=1334852&r2=1334853&rev=1334853&view=diff
==============================================================================
--- httpd/site/trunk/content/mod_smtpd/index.xml (original)
+++ httpd/site/trunk/content/mod_smtpd/index.mdtext Mon May 7 01:25:16 2012
@@ -1,85 +1,74 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<document>
- <properties>
- <author email="dev@httpd.apache.org">HTTPd developers</author>
- <title>mod_smtpd - Modular SMTP Server for Apache 2.2</title>
- </properties>
-<body>
-
-<section>
- <title>Introduction</title>
- <p>
- <tt>mod_smtpd</tt> is a modular SMTP server similar in spirit to
- <a href="http://smtpd.develooper.com">qpsmtpd</a>.
- </p>
- <p>
- For developers it offers a dependable
- platform to quickly write a custom SMTP application
- without the burdens of portability, protocol, daemonization and/or
- process scheduling.
- </p>
- <p>For system administrators it precludes the need for
- a separate SMTP daemon and also allows for simple replacement of SMTP backend
- without having to switch SMTP daemons (just load a different queue module!).
- </p>
- <p>Features Include:</p>
- <ul>
- <li>Simple yet advanced plugin system based on Apache hooks.</li>
- <li>Close to nothing built in. All functionality is required by plugins.</li>
- <li>Use of Apache filters for the SMTP "DATA" command.</li>
- </ul>
-</section>
-
-<section>
- <title>Get It!</title>
-
- <p>
- <tt>mod_smtpd</tt> hasn't been released yet. It is still alpha quality and
- isn't ready for production use. If you'd like to try it out
- development of mod_smtpd can be followed through the
- <a href="http://subversion.apache.org/">Subversion</a>
- repositories. For public access you can use :
- </p>
-
- <code>
- % svn checkout http://svn.apache.org/repos/asf/httpd/mod_smtpd/trunk/ mod_smtpd
- </code>
-</section>
-
-<section>
- <title>Documentation</title>
- <ul>
- <li><a href="install.html">Installation instructions</a></li>
- <li>More documentation coming soon!</li>
- </ul>
-</section>
-
-<section>
- <title>Mailing Lists</title>
- <p>
- Discussions on <tt>mod_smtpd</tt> take place on the main HTTPd development
- mailing list.
- </p>
-
- <ul type="square">
- <li>
- <a href="mailto:dev-subscribe@httpd.apache.org">dev@httpd.apache.org</a>
- - module development (<a href="http://mail-archives.apache.org/mod_mbox/httpd-dev/">archives</a>).
- </li>
- <li>
- <a href="mailto:cvs-subscribe@httpd.apache.org">cvs@httpd.apache.org</a>
- - svn commit logs for httpd, including mod_mbox
- (<a href="http://mail-archives.apache.org/mod_mbox/httpd-cvs/">archives</a>).
- </li>
- </ul>
-</section>
-
-<section>
- <title>History</title>
- <p>
- <tt>mod_smtpd</tt> started life as a 2005 Google Summer of Code project.
- </p>
-</section>
+Title: mod_smtpd - Modular SMTP Server for Apache 2.2
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+# Introduction #
+
+`mod_smtpd` is a modular SMTP server similar in spirit to
+[qpsmtpd](http://smtpd.develooper.com).
+
+For developers it offers a dependable platform to quickly write a custom
+SMTP application without the burdens of portability, protocol,
+daemonization and/or process scheduling.
+
+For system administrators it precludes the need for a separate SMTP daemon
+and also allows for simple replacement of SMTP backend without having to
+switch SMTP daemons (just load a different queue module!).
+
+Features Include:
+
+- Simple yet advanced plugin system based on Apache hooks.
+
+- Close to nothing built in. All functionality is required by plugins.
+
+- Use of Apache filters for the SMTP "DATA" command.
+
+# Get It! #
+
+`mod_smtpd` hasn't been released yet. It is still alpha quality and isn't
+ready for production use. If you'd like to try it out development of
+mod_smtpd can be followed through the
+[Subversion](http://subversion.apache.org/) repositories. For public access
+you can use :
+`
+ % svn checkout http://svn.apache.org/repos/asf/httpd/mod_smtpd/trunk/
+ mod_smtpd
+ `
+
+# Documentation #
+
+- [Installation instructions](install.html)
+
+- More documentation coming soon!
+
+# Mailing Lists #
+
+Discussions on `mod_smtpd` take place on the main HTTPd development mailing
+list.
+
+- [dev@httpd.apache.org](mailto:dev-subscribe@httpd.apache.org) - module
+development (
+[archives](http://mail-archives.apache.org/mod_mbox/httpd-dev/) ).
+
+- [cvs@httpd.apache.org](mailto:cvs-subscribe@httpd.apache.org) - svn
+commit logs for httpd, including mod_mbox (
+[archives](http://mail-archives.apache.org/mod_mbox/httpd-cvs/) ).
+
+# History #
+
+`mod_smtpd` started life as a 2005 Google Summer of Code project.
-</body>
-</document>
Copied: httpd/site/trunk/content/mod_smtpd/install.mdtext (from r1334852, httpd/site/trunk/content/mod_smtpd/install.xml)
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/mod_smtpd/install.mdtext?p2=httpd/site/trunk/content/mod_smtpd/install.mdtext&p1=httpd/site/trunk/content/mod_smtpd/install.xml&r1=1334852&r2=1334853&rev=1334853&view=diff
==============================================================================
--- httpd/site/trunk/content/mod_smtpd/install.xml (original)
+++ httpd/site/trunk/content/mod_smtpd/install.mdtext Mon May 7 01:25:16 2012
@@ -1,98 +1,68 @@
-<?xml version="1.0" encoding="iso-8859-1"?>
-<document>
- <properties>
- <author email="dev@httpd.apache.org">HTTPd developers</author>
- <title>mod_smtpd - Modular SMTP Server for Apache 2.2 Installation</title>
- </properties>
-<body>
-
-<section>
- <title>Installation instructions</title>
- <p>
- <tt>mod_smtpd</tt> is very easy to install and setup. First, we
- need to build the module and make the Apache HTTPd webserver load
- it. Then, we'll setup our archives repository and complete
- Apache's configuration.
- </p>
-
- <p>
- <tt>mod_smtpd</tt> has, of course, some requirements :
- </p>
-
- <ul>
- <li>Apache HTTPd >= 2.2 (<tt>mod_smtpd</tt> has been tested succesfully with Apache 2.2.0 and 2.3.0-dev)</li>
- <li>APR and APR-Util >= 0.9</li>
- <li>libapreq2</li>
- </ul>
-</section>
-
-<section>
- <title>Download and build</title>
- <p>
- Checkout sources via Subversion :
- </p>
-
- <code>
- svn checkout https://svn.apache.org/repos/asf/httpd/mod_smtpd/trunk mod_smtpd
- </code>
-
- <p>
- Then, build <tt>mod_smtpd</tt> :
- </p>
-
- <code>
- ./autogen.sh<br />
- ./configure<br />
- make clean all<br />
- su -c 'make install'
- </code>
-
- <p>
- Refer to the configure help (<tt>./configure --help</tt>) if you
- need a to specify an installation prefix (<tt>--prefix=...</tt>)
- or any other specific setup.
- </p>
-</section>
-
-<section>
- <title>Preliminary Apache setup</title>
- <p>
- The next step is to make Apache HTTPd load the <tt>mod_smtpd</tt>
- module at runtime. Edit your Apache configuration file, and add
- the following to the rest of the <tt>LoadModule</tt> lines :
- </p>
-
- <code>
+Title: mod_smtpd - Modular SMTP Server for Apache 2.2 Installation
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+# Installation instructions #
+
+`mod_smtpd` is very easy to install and setup. First, we need to build the
+module and make the Apache HTTPd webserver load it. Then, we'll setup our
+archives repository and complete Apache's configuration.
+
+`mod_smtpd` has, of course, some requirements :
+
+- Apache HTTPd >= 2.2 ( `mod_smtpd` has been tested succesfully with
+Apache 2.2.0 and 2.3.0-dev)
+
+- APR and APR-Util >= 0.9
+
+- libapreq2
+
+# Download and build #
+
+Checkout sources via Subversion :
+`
+ svn checkout https://svn.apache.org/repos/asf/httpd/mod_smtpd/trunk
+ mod_smtpd
+ `
+Then, build `mod_smtpd` :
+<code>./autogen.sh<br></br>./configure<br></br>make clean all<br></br>su -c
+'make install'</code>
+Refer to the configure help ( `./configure --help` ) if you need a to
+specify an installation prefix ( `--prefix=...` ) or any other specific
+setup.
+
+# Preliminary Apache setup #
+
+The next step is to make Apache HTTPd load the `mod_smtpd` module at
+runtime. Edit your Apache configuration file, and add the following to the
+rest of the `LoadModule` lines :
+`
LoadModule smtpd_module /usr/lib/apache2/modules/mod_smtpd.so
- </code>
+ `
+Or replace that directory with your default Apache 2.2 install directory.
- <p>
- Or replace that directory with your default Apache 2.2 install directory.
- </p>
-</section>
-
-<section>
- <title>mod_smtpd configuration</title>
- <p>
- You now need to configure Apache to run mod_smtpd whenever a network
- connection comes in. We recommend this virtual host setup:
- </p>
-
- <code>
- NameVirtualHost *:80<br />
- NameVirtualHost *:25<br />
- <br />
- <VirtualHost *:80><br />
- # your webserver configuration here<br />
- </VirtualHost ><br />
- <br />
- <VirtualHost *:25><br />
- ServerName localhost # or whatever desired<br />
- SmtpProtocol On<br />
- # addition mod_smtpd or associated plugin configuration here<br />
- </VirtualHost ><br />
- </code>
-</section>
+# mod_smtpd configuration #
-</body>
-</document>
+You now need to configure Apache to run mod_smtpd whenever a network
+connection comes in. We recommend this virtual host setup:
+<code>NameVirtualHost *:80<br></br>NameVirtualHost
+*:25<br></br><br></br><VirtualHost *:80><br></br># your webserver
+configuration here<br></br></VirtualHost
+><br></br><br></br><VirtualHost *:25><br></br>ServerName localhost
+# or whatever desired<br></br>SmtpProtocol On<br></br># addition mod_smtpd
+or associated plugin configuration here<br></br></VirtualHost
+><br></br></code>
Copied: httpd/site/trunk/content/security/impact_levels.mdtext (from r1334852, httpd/site/trunk/content/security/impact_levels.xml)
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/impact_levels.mdtext?p2=httpd/site/trunk/content/security/impact_levels.mdtext&p1=httpd/site/trunk/content/security/impact_levels.xml&r1=1334852&r2=1334853&rev=1334853&view=diff
==============================================================================
--- httpd/site/trunk/content/security/impact_levels.xml (original)
+++ httpd/site/trunk/content/security/impact_levels.mdtext Mon May 7 01:25:16 2012
@@ -1,70 +1,68 @@
-<?xml version="1.0"?>
-<document>
-<properties>
-<author email="security@httpd.apache.org">Security Group</author>
-<title>Summary of security impact levels</title>
-</properties>
-
-<body>
-<section id="top">
- <title>Summary of security impact levels for Apache httpd</title>
-
-<p>The Apache Security Team rates the impact of each security flaw
-that affects the Apache web server. We've chosen a rating scale quite
-similar to those used by other major vendors in order to be
-consistent. Basically the goal of the rating system is to answer the
-question "How worried should I be about this vulnerability?". </p>
-
-<p>Note that the rating chosen for each flaw is the worst possible
-case across all architectures. In the past for example we've had
-flaws that have a Critical impact on some BSD architectures, whilst no
-real impact on others. To determine the exact impact of a
-particular vulnerability on your own systems you will still need to
-read the security advisories to find out more about the flaw.</p>
-
-<p>We use the following descriptions
-to decide on the impact rating to give each vulnerability:</p>
-
-</section>
-
-<section id="Critical">
- <title>Critical</title>
-<p>A vulnerability rated with a Critical impact is one which could
-potentially be exploited by a remote attacker to get Apache to execute
-arbitrary code (either as the user the server is running as, or root). These
-are the sorts of vulnerabilities that could be exploited automatically
-by worms.
-</p>
-</section>
-
-<section id="Important">
- <title>Important</title>
-<p>A vulnerability rated as Important impact is one which could result
-in the compromise of data or availability of the server. For the
-Apache web server this includes issues that allow an easy remote
-denial of service (something that is out of proportion to the attack
-or with a lasting consequence), access to arbitrary files outside of the
-document root, or access to files that should be otherwise prevented by
-limits or authentication.</p>
-</section>
-
-<section id="Moderate">
- <title>Moderate</title>
-<p>A vulnerability is likely to be rated as Moderate if there is
-significant mitigation to make the issue less of an impact. This
-might be because the flaw does not affect likely configurations, or it
-is a configuration that isn't widely used, or where a remote user
-must be authenticated in order to exploit the issue. Flaws that
-allow Apache to serve directory listings instead of index files are
-included here, as are flaws that might crash an Apache child process
-in Apache 1.3</p>
-</section>
-
-<section id="Low">
- <title>Low</title>
-<p>All other security flaws are classed as a Low impact. This rating
-is used for issues that are believed to be extremely hard to
-exploit, or where an exploit gives minimal consequences.</p>
-</section>
-</body>
-</document>
+Title: Summary of security impact levels
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+# Summary of security impact levels for Apache httpd # {#top}
+
+The Apache Security Team rates the impact of each security flaw that
+affects the Apache web server. We've chosen a rating scale quite similar to
+those used by other major vendors in order to be consistent. Basically the
+goal of the rating system is to answer the question "How worried should I
+be about this vulnerability?".
+
+Note that the rating chosen for each flaw is the worst possible case across
+all architectures. In the past for example we've had flaws that have a
+Critical impact on some BSD architectures, whilst no real impact on others.
+To determine the exact impact of a particular vulnerability on your own
+systems you will still need to read the security advisories to find out
+more about the flaw.
+
+We use the following descriptions to decide on the impact rating to give
+each vulnerability:
+
+# Critical # {#Critical}
+
+A vulnerability rated with a Critical impact is one which could potentially
+be exploited by a remote attacker to get Apache to execute arbitrary code
+(either as the user the server is running as, or root). These are the sorts
+of vulnerabilities that could be exploited automatically by worms.
+
+# Important # {#Important}
+
+A vulnerability rated as Important impact is one which could result in the
+compromise of data or availability of the server. For the Apache web server
+this includes issues that allow an easy remote denial of service (something
+that is out of proportion to the attack or with a lasting consequence),
+access to arbitrary files outside of the document root, or access to files
+that should be otherwise prevented by limits or authentication.
+
+# Moderate # {#Moderate}
+
+A vulnerability is likely to be rated as Moderate if there is significant
+mitigation to make the issue less of an impact. This might be because the
+flaw does not affect likely configurations, or it is a configuration that
+isn't widely used, or where a remote user must be authenticated in order to
+exploit the issue. Flaws that allow Apache to serve directory listings
+instead of index files are included here, as are flaws that might crash an
+Apache child process in Apache 1.3
+
+# Low # {#Low}
+
+All other security flaws are classed as a Low impact. This rating is used
+for issues that are believed to be extremely hard to exploit, or where an
+exploit gives minimal consequences.
+