Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@couchdb.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: djc@apache.org
To: commits@couchdb.apache.org
Date: Tue, 15 Apr 2014 07:13:41 -0000
Message-Id: <2ab5f763bd9b4f4092e157975fb83fbe@git.apache.org>
Subject: [1/3] couchdb commit: updated refs/heads/1.6.x to cd5220f

Repository: couchdb
Updated Branches:
  refs/heads/1.6.x 12f745c43 -> cd5220ff6


Add documentation for CVE-2014-2668


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/9be8f97a
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/9be8f97a
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/9be8f97a

Branch: refs/heads/1.6.x
Commit: 9be8f97a75f75fa7f33fac8c1a65e26b886121c7
Parents: 12f745c
Author: Alexander Shorin <kxepal@apache.org>
Authored: Tue Apr 15 09:11:00 2014 +0200
Committer: Dirkjan Ochtman <dirkjan@ochtman.nl>
Committed: Tue Apr 15 09:11:00 2014 +0200

----------------------------------------------------------------------
 share/doc/src/cve/2014-2668.rst | 54 ++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/9be8f97a/share/doc/src/cve/2014-2668.rst
----------------------------------------------------------------------
diff --git a/share/doc/src/cve/2014-2668.rst b/share/doc/src/cve/2014-2668.rst
new file mode 100644
index 0000000..5ccd2a4
--- /dev/null
+++ b/share/doc/src/cve/2014-2668.rst
@@ -0,0 +1,54 @@
+.. Licensed under the Apache License, Version 2.0 (the "License"); you may not
+.. use this file except in compliance with the License. You may obtain a copy of
+.. the License at
+..
+..   http://www.apache.org/licenses/LICENSE-2.0
+..
+.. Unless required by applicable law or agreed to in writing, software
+.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+.. License for the specific language governing permissions and limitations under
+.. the License.
+
+
+.. _cve/2014-2668:
+
+==================================================================================
+CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids
+==================================================================================
+
+:Date: 26.03.2014
+
+:Affected: Apache CouchDB releases up to and including 1.3.1, 1.4.0,
+           and 1.5.0 are vulnerable.
+
+:Severity: Moderate
+
+:Vendor: The Apache Software Foundation
+
+Description
+===========
+
+The :ref:`api/server/uuids` resource's `count` query parameter is able to take
+unreasonable huge numeric value which leads to exhaustion of server resources
+(CPU and memory) and to DoS as the result.
+
+Mitigation
+==========
+
+Upgrade to a supported CouchDB release that includes this fix, such as:
+
+- :ref:`1.5.1 <release/1.5.1>`
+- :ref:`1.6.0 <release/1.6.0>`
+
+All listed releases have included a specific fix to
+
+Work-Around
+===========
+
+Disable the :ref:`api/server/uuids` handler completely, by adapting
+`local.ini` and restarting CouchDB::
+
+  [httpd_global_handlers]
+  _uuids =
+