Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 7806 invoked from network); 19 Oct 2005 08:12:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 19 Oct 2005 08:12:29 -0000 Received: (qmail 71251 invoked by uid 500); 19 Oct 2005 08:12:29 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 71188 invoked by uid 500); 19 Oct 2005 08:12:27 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 71168 invoked by uid 99); 19 Oct 2005 08:12:26 -0000 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.29) with SMTP; Wed, 19 Oct 2005 01:12:26 -0700 Received: (qmail 7402 invoked by uid 65534); 19 Oct 2005 08:12:05 -0000 Message-ID: <20051019081205.7401.qmail@minotaur.apache.org> Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: svn commit: r326454 - /httpd/httpd/trunk/CHANGES Date: Wed, 19 Oct 2005 08:12:05 -0000 To: cvs@httpd.apache.org From: mjc@apache.org X-Mailer: svnmailer-1.0.5 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: mjc Date: Wed Oct 19 01:12:00 2005 New Revision: 326454 URL: http://svn.apache.org/viewcvs?rev=326454&view=rev Log: Today a one-time change happens to all CAN- names as they are renamed to CVE-. Make this change to our changelog. Modified: httpd/httpd/trunk/CHANGES Modified: httpd/httpd/trunk/CHANGES URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=326454&r1=326453&r2=326454&view=diff ============================================================================== --- httpd/httpd/trunk/CHANGES [utf-8] (original) +++ httpd/httpd/trunk/CHANGES [utf-8] Wed Oct 19 01:12:00 2005 @@ -52,7 +52,7 @@ trigger POLL_ERR or POLL_HUP on a terminated connection. PR 36951. [Jeff Trawick, Ruediger Pluem] - *) SECURITY: CAN-2005-2970 (cve.mitre.org) + *) SECURITY: CVE-2005-2970 (cve.mitre.org) worker MPM: Fix a memory leak which can occur after an aborted connection in some limited circumstances. [Greg Ames] @@ -85,7 +85,7 @@ listening ports upon graceful restart or stop. PR 28167. [Colm MacCarthaigh, Brian Pinkerton ] - *) SECURITY: CAN-2005-2700 (cve.mitre.org) + *) SECURITY: CVE-2005-2700 (cve.mitre.org) mod_ssl: Fix a security issue where "SSLVerifyClient" was not enforced in per-location context if "SSLVerifyClient optional" was configured in the vhost configuration. [Joe Orton] @@ -118,7 +118,7 @@ Changes with Apache 2.1.7 - *) SECURITY: CAN-2005-2491 (cve.mitre.org): + *) SECURITY: CVE-2005-2491 (cve.mitre.org): Fix integer overflows in PCRE in quantifier parsing which could be triggered by a local user through use of a carefully-crafted regex in an .htaccess file. [Philip Hazel] @@ -904,7 +904,7 @@ Changes with Apache 2.0.55 - *) SECURITY: CAN-2005-2088 (cve.mitre.org) + *) SECURITY: CVE-2005-2088 (cve.mitre.org) proxy: Correctly handle the Transfer-Encoding and Content-Length headers. Discard the request Content-Length whenever T-E: chunked is used, always passing one of either C-L or T-E: chunked whenever @@ -942,7 +942,7 @@ (or if it didn't succeed) for non-authoritative cases. [Jim Jagielski] - *) SECURITY: CAN-2005-2728 (cve.mitre.org) + *) SECURITY: CVE-2005-2728 (cve.mitre.org) Fix cases where the byterange filter would buffer responses into memory. PR 29962. [Joe Orton] @@ -960,7 +960,7 @@ *) mod_ssl: Fix build with OpenSSL 0.9.8. PR 35757. [William Rowe] - *) SECURITY: CAN-2005-2088 (cve.mitre.org) + *) SECURITY: CVE-2005-2088 (cve.mitre.org) core: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks. [Paul Querna, Joe Orton] @@ -973,7 +973,7 @@ *) Prevent hangs of child processes when writing to piped loggers at the time of graceful restart. PR 26467. [Jeff Trawick] - *) SECURITY: CAN-2005-1268 (cve.mitre.org) + *) SECURITY: CVE-2005-1268 (cve.mitre.org) mod_ssl: Fix off-by-one overflow whilst printing CRL information at "LogLevel debug" which could be triggered if configured to use a "malicious" CRL. PR 35081. [Marc Stern ] @@ -1013,7 +1013,7 @@ slow to exit. [Joe Orton, Jeff Trawick] *) Remove formatting characters from ap_log_error() calls. These - were escaped as fallout from CAN-2003-0020. + were escaped as fallout from CVE-2003-0020. [Eric Covener ] *) mod_ssl: If SSLUsername is used, set r->user earlier. PR 31418. @@ -1102,11 +1102,11 @@ specified matches the value of the user object. PR 31913 [Ryan Morgan ] - *) SECURITY: CAN-2004-0942 (cve.mitre.org) + *) SECURITY: CVE-2004-0942 (cve.mitre.org) Fix for memory consumption DoS in handling of MIME folded request headers. [Joe Orton] - *) SECURITY: CAN-2004-0885 (cve.mitre.org) + *) SECURITY: CVE-2004-0885 (cve.mitre.org) mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be bypassed during an SSL renegotiation. PR 31505. [Hartmut Keil , Joe Orton] @@ -1148,7 +1148,7 @@ is causing a potential problem with the LDAP shared memory cache. PR 31431 [Graham Leggett] - *) SECURITY: CAN-2004-1834 (cve.mitre.org) + *) SECURITY: CVE-2004-1834 (cve.mitre.org) mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz] *) Fix the re-linking issue when purging elements from the LDAP cache @@ -1171,7 +1171,7 @@ *) Fix a segfault in the LDAP cache when it is configured switched off. [Jess Holle ] - *) SECURITY: CAN-2004-0811 (cve.mitre.org) + *) SECURITY: CVE-2004-0811 (cve.mitre.org) Fix merging of the Satisfy directive, which was applied to the surrounding context and could allow access despite configured authentication. PR 31315. [Rici Lake ] @@ -1193,15 +1193,15 @@ Changes with Apache 2.0.51 - *) SECURITY: CAN-2004-0786 (cve.mitre.org) + *) SECURITY: CVE-2004-0786 (cve.mitre.org) Fix an input validation issue in apr-util which could be triggered by malformed IPv6 literal addresses. [Joe Orton] - *) SECURITY: CAN-2004-0747 (cve.mitre.org) + *) SECURITY: CVE-2004-0747 (cve.mitre.org) Fix buffer overflow in expansion of environment variables in configuration file parsing. [André Malo] - *) SECURITY: CAN-2004-0809 (cve.mitre.org) + *) SECURITY: CVE-2004-0809 (cve.mitre.org) mod_dav_fs: Fix a segfault in the handling of an indirect lock refresh. PR 31183. [Joe Orton] @@ -1223,7 +1223,7 @@ server shutdown on these code paths. [Bill Stoddard] - *) SECURITY: CAN-2004-0751 (cve.mitre.org) + *) SECURITY: CVE-2004-0751 (cve.mitre.org) mod_ssl: Fix a segfault in the SSL input filter which could be triggered if using "speculative" mode, for instance by a proxy request to an SSL server. PR 30134. [Joe Orton] @@ -1276,7 +1276,7 @@ *) mod_ssl: Build on RHEL 3. PR 18989. [Justin Erenkrantz] - *) SECURITY: CAN-2004-0748 (cve.mitre.org) + *) SECURITY: CVE-2004-0748 (cve.mitre.org) mod_ssl: Fix a potential infinite loop. PR 29964. [Joe Orton] *) mod_ssl: Avoid startup failure after unclean shutdown if using shmcb. @@ -1364,7 +1364,7 @@ Changes with Apache 2.0.50 - *) SECURITY: CAN-2004-0493 (cve.mitre.org) + *) SECURITY: CVE-2004-0493 (cve.mitre.org) Close a denial of service vulnerability identified by Georgi Guninski which could lead to memory exhaustion with certain input data. [Jeff Trawick] @@ -1394,7 +1394,7 @@ *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved against ServerRoot PR#26602 [Brad Nicholes] - *) SECURITY: CAN-2004-0488 (cve.mitre.org) + *) SECURITY: CVE-2004-0488 (cve.mitre.org) mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a (trusted) client certificate subject DN which exceeds 6K in length. [Joe Orton] @@ -1541,7 +1541,7 @@ Changes with Apache 2.0.49 - *) SECURITY: CAN-2004-0174 (cve.mitre.org) + *) SECURITY: CVE-2004-0174 (cve.mitre.org) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until @@ -1825,12 +1825,12 @@ Changes with Apache 2.0.48 - *) SECURITY: CAN-2003-0789 (cve.mitre.org) + *) SECURITY: CVE-2003-0789 (cve.mitre.org) mod_cgid: Resolve some mishandling of the AF_UNIX socket used to communicate with the cgid daemon and the CGI script. [Jeff Trawick] - *) SECURITY: CAN-2003-0542 (cve.mitre.org) + *) SECURITY: CVE-2003-0542 (cve.mitre.org) Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures. [André Malo] @@ -1984,19 +1984,19 @@ Changes with Apache 2.0.47 - *) SECURITY: CAN-2003-0192 (cve.mitre.org) + *) SECURITY: CVE-2003-0192 (cve.mitre.org) Fixed a bug whereby certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one. [Ben Laurie] - *) SECURITY: CAN-2003-0253 (cve.mitre.org) + *) SECURITY: CVE-2003-0253 (cve.mitre.org) Fixed a bug in prefork MPM causing temporary denial of service when accept() on a rarely accessed port returns certain errors. Reported by Saheed Akhtar . [Jeff Trawick] - *) SECURITY: CAN-2003-0254 (cve.mitre.org) + *) SECURITY: CVE-2003-0254 (cve.mitre.org) Fixed a bug in ftp proxy causing denial of service when target host is IPv6 but proxy server can't create IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo ] @@ -2031,13 +2031,13 @@ Changes with Apache 2.0.46 - *) SECURITY: CAN-2003-0245 (cve.mitre.org) + *) SECURITY: CVE-2003-0245 (cve.mitre.org) Fixed a bug causing apr_pvsprintf() to crash by sending an overly long string. This can be triggered remotely through mod_dav, mod_ssl, and other mechanisms. Reported by David Endler . [Joe Orton] - *) SECURITY: CAN-2003-0189 (cve.mitre.org) + *) SECURITY: CVE-2003-0189 (cve.mitre.org) Fixed a denial-of-service vulnerability affecting basic authentication on Unix platforms related to thread-safety in apr_password_validate(). @@ -2169,13 +2169,13 @@ *) Fixed a segfault when multiple ProxyBlock directives were used. PR: 19023 [Sami Tikka ] - *) SECURITY: CAN-2003-0134 (cve.mitre.org) + *) SECURITY: CVE-2003-0134 (cve.mitre.org) OS2: Fix a Denial of Service vulnerability identified and reported by Robert Howard that where device names faulted the running OS2 worker process. The fix is actually in APR 0.9.4. [Brian Havard] - *) SECURITY: CAN-2003-0083 (cve.mitre.org) + *) SECURITY: CVE-2003-0083 (cve.mitre.org) Forward port: Escape special characters (especially control characters) in mod_log_config to make a clear distinction between client-supplied strings (with special characters) and server-side @@ -2192,7 +2192,7 @@ *) Fix possible segfaults under obscure error conditions within the cgid daemon. [Jeff Trawick, William Rowe] - *) SECURITY: CAN-2003-0132 (cve.mitre.org) + *) SECURITY: CVE-2003-0132 (cve.mitre.org) Close a Denial of Service vulnerability identified by David Endler on all platforms. An unlimited stream of newlines were acceptable between requests where each @@ -2699,7 +2699,7 @@ Changes with Apache 2.0.42 - *) SECURITY: CAN-2002-1593 (cve.mitre.org) [CERT VU#406121] + *) SECURITY: CVE-2002-1593 (cve.mitre.org) [CERT VU#406121] mod_dav: Check for versioning hooks before using them. [Greg Stein] @@ -2843,7 +2843,7 @@ Changes with Apache 2.0.40 - *) SECURITY: CAN-2002-0661 (cve.mitre.org) + *) SECURITY: CVE-2002-0661 (cve.mitre.org) Close a very significant security hole that applies only to the Win32, OS2 and Netware platforms. Unix was not affected, Cygwin may be affected. Certain URIs will bypass security @@ -2855,7 +2855,7 @@ Reported by Auriemma Luigi . [Brad Nicholes] - *) SECURITY: CAN-2002-0654 (cve.mitre.org) + *) SECURITY: CVE-2002-0654 (cve.mitre.org) Close a path-revealing exposure in multiview type map negotiation (such as the default error documents) where the module would report the full path of the typemapped .var file when @@ -2863,7 +2863,7 @@ negotiation. Reported by Auriemma Luigi . [William Rowe] - *) SECURITY: CAN-2002-0654 (cve.mitre.org) + *) SECURITY: CVE-2002-0654 (cve.mitre.org) Close a path-revealing exposure in cgi/cgid when we fail to invoke a script. The modules would report "couldn't create child process /path-to-script/script.pl" revealing the full path @@ -3427,7 +3427,7 @@ *) Fix AcceptPathInfo. PR 8234 [Cliff Woolley] - *) SECURITY: CAN-2002-1592 (cve.mitre.org) [CERT VU#165803] + *) SECURITY: CVE-2002-1592 (cve.mitre.org) [CERT VU#165803] Added the APLOG_TOCLIENT flag to ap_log_rerror() to explicitly tell the server that warning messages should be sent to the client in addition to being recorded in the error log. @@ -7214,7 +7214,7 @@ container is VirtualHost or Directory or whatever. [Jeff Trawick] - *) SECURITY: CAN-2000-1204 (cve.mitre.org) + *) SECURITY: CVE-2000-1204 (cve.mitre.org) Prevent the source code for CGIs from being revealed when using mod_vhost_alias and the CGI directory is under the document root and a user makes a request like http://www.example.com//cgi-bin/cgi