community-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bertrand Delacretaz <>
Subject Re: Cross-project blog post?
Date Wed, 20 Jul 2016 09:37:29 GMT
On Tue, Jul 19, 2016 at 8:02 PM, William A Rowe Jr <> wrote:
> What if we digest the audience and list the scope (different projects which
> are impacted/offering mitigations) in a more conversational tone, mention
> the httpoxy URL and just point the reader to
> for all the
> detailed workarounds we've offered?...

That sounds good to me, here's a minimal suggestion that we might
publish at unless you want
something more complete.

Title: "httpoxy" CGI vulnerability response

A group of ASF projects (HTTP, Tomcat, Traffic Server, Perl) has
analyzed the CGI application vulnerability recently published at

Their detailed analysis, targeted at Web server administrators and CGI
developers and including mitigation information, can be found at


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message