httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject cvs commit: httpd-site/docs index.html
Date Tue, 29 Jun 2004 00:03:08 GMT
trawick     2004/06/28 17:03:08

  Modified:    docs     index.html
  Log:
  publish the CAN-2004-0493 patch
  
  Revision  Changes    Path
  1.77      +23 -0     httpd-site/docs/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/httpd-site/docs/index.html,v
  retrieving revision 1.76
  retrieving revision 1.77
  diff -u -r1.76 -r1.77
  --- index.html	29 May 2004 22:55:44 -0000	1.76
  +++ index.html	29 Jun 2004 00:03:08 -0000	1.77
  @@ -94,6 +94,29 @@
              <table border="0" cellspacing="0" cellpadding="2" width="100%">
    <tr><td bgcolor="#525D76">
     <font color="#ffffff" face="arial,helvetica,sanserif">
  +   <a name="bugnotice"><strong>Important Security Patch for 2.0</strong></a>
  +  </font>
  + </td></tr>
  + <tr><td>
  +  <blockquote>
  +<p>Vulnerability <a
  +href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0493">CAN-2004-0493</a>
  +has been announced by its discoverer, before 2.0.50 could be
  +released.  It is a remote exploit which allows an
  +attacker to cause the server to allocate increasing amounts of memory
  +until system memory is exhausted or until process limits are reached,
  +depending on the platform and configuration.</p>
  +<p>This problem will be resolved in 2.0.50.  To resolve this problem
  +with 2.0.47, 2.0.48 or 2.0.49, apply the patch at <a
  +href="http://www.apache.org/dist/httpd/patches/apply_to_2.0.49/CAN-2004-0493.patch">
  +http://www.apache.org/dist/httpd/patches/apply_to_2.0.49/CAN-2004-0493.patch</a>.</p>
  +<p>The patch has not been tested with earlier releases.</p>
  +  </blockquote>
  + </td></tr>
  +</table>
  +           <table border="0" cellspacing="0" cellpadding="2" width="100%">
  + <tr><td bgcolor="#525D76">
  +  <font color="#ffffff" face="arial,helvetica,sanserif">
      <a name="bugnotice"><strong>Important Bug Workaround for 2.0.48 and 1.3.29</strong></a>
     </font>
    </td></tr>
  
  
  

Mime
View raw message