httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r330027 - in /httpd/site/trunk: docs/security/vulnerabilities_20.html xdocs/security/vulnerabilities-httpd.xml
Date Tue, 01 Nov 2005 11:22:46 GMT
Author: mjc
Date: Tue Nov  1 03:22:35 2005
New Revision: 330027

URL: http://svn.apache.org/viewcvs?rev=330027&view=rev
Log:
Add missing CVE name from vulnerabilities list

Modified:
    httpd/site/trunk/docs/security/vulnerabilities_20.html
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/docs/security/vulnerabilities_20.html
URL: http://svn.apache.org/viewcvs/httpd/site/trunk/docs/security/vulnerabilities_20.html?rev=330027&r1=330026&r2=330027&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_20.html (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_20.html Tue Nov  1 03:22:35 2005
@@ -155,6 +155,26 @@
 <dd>
 <b>moderate: </b>
 <b>
+<name name="CVE-2005-2970">Worker MPM memory leak</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970">CVE-2005-2970</a>
+<p>
+A memory leak in the worker MPM would allow remote attackers to cause
+a denial of service (memory consumption) via aborted connections,
+which prevents the memory for the transaction pool from being reused
+for other connections.
+</p>
+</dd>
+<dd>
+  Update Released: 14th October 2005<br />
+</dd>
+<dd>
+      Affects: 
+    2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48, 2.0.47, 2.0.46, 2.0.45, 2.0.44,
2.0.43, 2.0.42, 2.0.40, 2.0.39, 2.0.37, 2.0.36<p />
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
 <name name="CVE-2005-2728">Byterange filter DoS</name>
 </b>
 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728">CVE-2005-2728</a>

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewcvs/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=330027&r1=330026&r2=330027&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml Tue Nov  1 03:22:35 2005
@@ -1,4 +1,36 @@
-<security updated="20051014">
+<security updated="20051101">
+
+<issue fixed="2.0.55" released="20051014">
+<cve name="CVE-2005-2970"/>
+<severity level="3">moderate</severity>
+<title>Worker MPM memory leak</title>
+<description>
+<p>
+A memory leak in the worker MPM would allow remote attackers to cause
+a denial of service (memory consumption) via aborted connections,
+which prevents the memory for the transaction pool from being reused
+for other connections.
+</p>
+</description>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<!-- bad code was added 20020428 therefore after 2.0.35 -->
+</issue>
 
 <issue fixed="2.0.55" public="20050707" reported="20050707" released="20051014">
 <cve name="CVE-2005-2728"/>



Mime
View raw message