httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject cvs commit: httpd-site/xdocs index.xml
Date Thu, 21 Oct 2004 12:49:50 GMT
jim         2004/10/21 05:49:50

  Modified:    docs     index.html
               xdocs    index.xml
  Log:
  preload 1.3.32
  
  Revision  Changes    Path
  1.92      +7 -20     httpd-site/docs/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/httpd-site/docs/index.html,v
  retrieving revision 1.91
  retrieving revision 1.92
  diff -u -r1.91 -r1.92
  --- index.html	16 Oct 2004 16:18:46 -0000	1.91
  +++ index.html	21 Oct 2004 12:49:50 -0000	1.92
  @@ -204,38 +204,25 @@
              <table border="0" cellspacing="0" cellpadding="2" width="100%">
    <tr><td bgcolor="#525D76">
     <font color="#ffffff" face="arial,helvetica,sanserif">
  -   <a name="1.3.31"><strong>Apache 1.3.31 Released</strong></a>
  +   <a name="1.3.32"><strong>Apache 1.3.32 Released</strong></a>
     </font>
    </td></tr>
    <tr><td>
     <blockquote>
   <p>The Apache Group is pleased to announce the <a href="http://www.apache.org/dist/httpd/Announcement.html">release
of the 
  -1.3.31 version of the Apache HTTP Server</a>.
  +1.3.32 version of the Apache HTTP Server</a>.
   </p>
   <p>This version of Apache is principally a security and bug fix
  -release.  Of particular note is that 1.3.31 addresses and fixes the
  -following 4 security related issues:</p>
  -<p>In <code>mod_digest</code>, verify whether the nonce returned in the
client 
  -       response is one we issued ourselves.  This problem does not affect
  -       <code>mod_auth_digest</code>.<br. />
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987">CAN-2003-0987
(cve.mitre.org)</a>]</code></p>
  -<p>Escape arbitrary data before writing into the errorlog.<br />
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020">CAN-2003-0020
(cve.mitre.org)</a>]</code></p>
  -<p>Fix starvation issue on listening sockets where a short-lived
  -       connection on a rarely-accessed listening socket will cause a
  -       child to hold the accept mutex and block out new connections until
  -       another connection arrives on that rarely-accessed listening socket.<br />
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174">CAN-2004-0174
(cve.mitre.org)</a>]</code></p>
  -<p>Fix parsing of Allow/Deny rules using IP addresses without a
  -       netmask; issue is only known to affect big-endian 64-bit
  -       platforms<br />
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993">CAN-2003-0993
(cve.mitre.org)</a>]</code></p>
  +release.  Of particular note is that 1.3.32 addresses and fixes the
  +following 1 security related issue:</p>
  +<p>Reject responses from a remote server if sent an invalid (negative) Content-Length.<br.
/>
  +       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492">CAN-2004-0492
(cve.mitre.org)</a>]</code></p>
   <p align="center">
   
   <a href="download.cgi">Download</a> | 
   <a href="docs/windows.html">Apache for Win32</a> |
   <a href="docs/new_features_1_3.html">New Features in Apache 1.3</a> |
  -<a href="http://www.apache.org/dist/httpd/CHANGES_1.3">ChangeLog for 1.3.31</a>
  +<a href="http://www.apache.org/dist/httpd/CHANGES_1.3">ChangeLog for 1.3.32</a>
   </p>
     </blockquote>
    </td></tr>
  
  
  
  1.68      +8 -24     httpd-site/xdocs/index.xml
  
  Index: index.xml
  ===================================================================
  RCS file: /home/cvs/httpd-site/xdocs/index.xml,v
  retrieving revision 1.67
  retrieving revision 1.68
  diff -u -r1.67 -r1.68
  --- index.xml	16 Oct 2004 16:18:50 -0000	1.67
  +++ index.xml	21 Oct 2004 12:49:50 -0000	1.68
  @@ -182,43 +182,27 @@
   
   </section>
   
  -<section id="1.3.31">
  -<title>Apache 1.3.31 Released</title>
  +<section id="1.3.32">
  +<title>Apache 1.3.32 Released</title>
   
   <p>The Apache Group is pleased to announce the <a 
   href="http://www.apache.org/dist/httpd/Announcement.html">release of the 
  -1.3.31 version of the Apache HTTP Server</a>.
  +1.3.32 version of the Apache HTTP Server</a>.
   </p>
   
   <p>This version of Apache is principally a security and bug fix
  -release.  Of particular note is that 1.3.31 addresses and fixes the
  -following 4 security related issues:</p>
  +release.  Of particular note is that 1.3.32 addresses and fixes the
  +following 1 security related issue:</p>
   
  -<p>In <code>mod_digest</code>, verify whether the nonce returned in the
client 
  -       response is one we issued ourselves.  This problem does not affect
  -       <code>mod_auth_digest</code>.<br./>
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987">CAN-2003-0987
(cve.mitre.org)</a>]</code></p>
  -
  -<p>Escape arbitrary data before writing into the errorlog.<br/>
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020">CAN-2003-0020
(cve.mitre.org)</a>]</code></p>
  -
  -<p>Fix starvation issue on listening sockets where a short-lived
  -       connection on a rarely-accessed listening socket will cause a
  -       child to hold the accept mutex and block out new connections until
  -       another connection arrives on that rarely-accessed listening socket.<br/>
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174">CAN-2004-0174
(cve.mitre.org)</a>]</code></p>
  -
  -<p>Fix parsing of Allow/Deny rules using IP addresses without a
  -       netmask; issue is only known to affect big-endian 64-bit
  -       platforms<br/>
  -       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993">CAN-2003-0993
(cve.mitre.org)</a>]</code></p>
  +<p>Reject responses from a remote server if sent an invalid (negative) Content-Length.<br./>
  +       <code>[<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492">CAN-2004-0492
(cve.mitre.org)</a>]</code></p>
   
   <p align="center">
   
   <a href="download.cgi">Download</a> | 
   <a href="docs/windows.html">Apache for Win32</a> |
   <a href="docs/new_features_1_3.html">New Features in Apache 1.3</a> |
  -<a href="http://www.apache.org/dist/httpd/CHANGES_1.3">ChangeLog for 1.3.31</a>
  +<a href="http://www.apache.org/dist/httpd/CHANGES_1.3">ChangeLog for 1.3.32</a>
   </p>
   </section>
   
  
  
  

Mime
View raw message