httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r608904 - in /httpd/site/trunk: docs/security/vulnerabilities-oval.xml docs/security/vulnerabilities_13.html docs/security/vulnerabilities_20.html docs/security/vulnerabilities_22.html xdocs/security/vulnerabilities-httpd.xml
Date Fri, 04 Jan 2008 16:17:51 GMT
Author: mjc
Date: Fri Jan  4 08:17:51 2008
New Revision: 608904

URL: http://svn.apache.org/viewvc?rev=608904&view=rev
Log:
Update vulnerability list to include things commmitted to SVN already

Modified:
    httpd/site/trunk/docs/security/vulnerabilities-oval.xml
    httpd/site/trunk/docs/security/vulnerabilities_13.html
    httpd/site/trunk/docs/security/vulnerabilities_20.html
    httpd/site/trunk/docs/security/vulnerabilities_22.html
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/docs/security/vulnerabilities-oval.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities-oval.xml?rev=608904&r1=608903&r2=608904&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities-oval.xml (original)
+++ httpd/site/trunk/docs/security/vulnerabilities-oval.xml Fri Jan  4 08:17:51 2008
@@ -5,6 +5,138 @@
 <oval:timestamp>2005-10-12T18:13:45</oval:timestamp>
 </generator>
 <definitions>
+<definition id="oval:org.apache.httpd:def:20076422" version="1" class="vulnerability">
+<metadata>
+<title>mod_proxy_balancer DoS</title>
+<reference source="CVE" ref_id="CVE-2007-6422" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422"/>
+<description>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, an authorized user could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. This could lead to a denial of service if using a
+threaded Multi-Processing Module. </description>
+<apache_httpd_repository>
+<public>20080102</public>
+<reported>20071212</reported>
+<released/>
+<severity level="4">low</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20076421" version="1" class="vulnerability">
+<metadata>
+<title>mod_proxy_balancer XSS</title>
+<reference source="CVE" ref_id="CVE-2007-6421" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421"/>
+<description>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, a cross-site scripting attack against an
+authorized user is possible. </description>
+<apache_httpd_repository>
+<public>20080102</public>
+<reported>20071212</reported>
+<released/>
+<severity level="4">low</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20076388" version="1" class="vulnerability">
+<metadata>
+<title>mod_status XSS</title>
+<reference source="CVE" ref_id="CVE-2007-6388" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388"/>
+<description>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</description>
+<apache_httpd_repository>
+<public>20080102</public>
+<reported>20071215</reported>
+<released/>
+<severity level="3">moderate</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2061" comment="the version of httpd is
2.0.61"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2059" comment="the version of httpd is
2.0.59"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2058" comment="the version of httpd is
2.0.58"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2055" comment="the version of httpd is
2.0.55"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2054" comment="the version of httpd is
2.0.54"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2053" comment="the version of httpd is
2.0.53"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2052" comment="the version of httpd is
2.0.52"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2051" comment="the version of httpd is
2.0.51"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2050" comment="the version of httpd is
2.0.50"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2049" comment="the version of httpd is
2.0.49"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2048" comment="the version of httpd is
2.0.48"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2047" comment="the version of httpd is
2.0.47"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2046" comment="the version of httpd is
2.0.46"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2045" comment="the version of httpd is
2.0.45"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2044" comment="the version of httpd is
2.0.44"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2043" comment="the version of httpd is
2.0.43"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2042" comment="the version of httpd is
2.0.42"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2040" comment="the version of httpd is
2.0.40"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2039" comment="the version of httpd is
2.0.39"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2037" comment="the version of httpd is
2.0.37"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2036" comment="the version of httpd is
2.0.36"/>
+<criterion test_ref="oval:org.apache.httpd:tst:2035" comment="the version of httpd is
2.0.35"/>
+</criteria>
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:1339" comment="the version of httpd is
1.3.39"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1337" comment="the version of httpd is
1.3.37"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1336" comment="the version of httpd is
1.3.36"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1335" comment="the version of httpd is
1.3.35"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1334" comment="the version of httpd is
1.3.34"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1333" comment="the version of httpd is
1.3.33"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1332" comment="the version of httpd is
1.3.32"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1331" comment="the version of httpd is
1.3.31"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1329" comment="the version of httpd is
1.3.29"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1328" comment="the version of httpd is
1.3.28"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1327" comment="the version of httpd is
1.3.27"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1326" comment="the version of httpd is
1.3.26"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1324" comment="the version of httpd is
1.3.24"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1322" comment="the version of httpd is
1.3.22"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1320" comment="the version of httpd is
1.3.20"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1319" comment="the version of httpd is
1.3.19"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1317" comment="the version of httpd is
1.3.17"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1314" comment="the version of httpd is
1.3.14"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1312" comment="the version of httpd is
1.3.12"/>
+<criterion test_ref="oval:org.apache.httpd:tst:1311" comment="the version of httpd is
1.3.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:139" comment="the version of httpd is 1.3.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:136" comment="the version of httpd is 1.3.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:134" comment="the version of httpd is 1.3.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:133" comment="the version of httpd is 1.3.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:132" comment="the version of httpd is 1.3.2"/>
+</criteria>
+</criteria>
+</definition>
 <definition id="oval:org.apache.httpd:def:20075000" version="1" class="vulnerability">
 <metadata>
 <title>mod_imagemap XSS</title>
@@ -534,7 +666,7 @@
 </description>
 <apache_httpd_repository>
 <public>20060508</public>
-<reported/>
+<reported></reported>
 <released>20060501</released>
 <severity level="3">moderate</severity>
 </apache_httpd_repository>

Modified: httpd/site/trunk/docs/security/vulnerabilities_13.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_13.html?rev=608904&r1=608903&r2=608904&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_13.html (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_13.html Fri Jan  4 08:17:51 2008
@@ -96,6 +96,23 @@
 <dd>
 <b>moderate: </b>
 <b>
+<name name="CVE-2007-6388">mod_status XSS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">CVE-2007-6388</a>
+<p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27,
1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4,
1.3.3, 1.3.2<p />
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
 <name name="CVE-2007-5000">mod_imap XSS</name>
 </b>
 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000">CVE-2007-5000</a>

Modified: httpd/site/trunk/docs/security/vulnerabilities_20.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_20.html?rev=608904&r1=608903&r2=608904&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_20.html (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_20.html Fri Jan  4 08:17:51 2008
@@ -96,6 +96,23 @@
 <dd>
 <b>moderate: </b>
 <b>
+<name name="CVE-2007-6388">mod_status XSS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">CVE-2007-6388</a>
+<p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.0.61, 2.0.59, 2.0.58, 2.0.55, 2.0.54, 2.0.53, 2.0.52, 2.0.51, 2.0.50, 2.0.49, 2.0.48,
2.0.47, 2.0.46, 2.0.45, 2.0.44, 2.0.43, 2.0.42, 2.0.40, 2.0.39, 2.0.37, 2.0.36, 2.0.35<p
/>
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
 <name name="CVE-2007-5000">mod_imap XSS</name>
 </b>
 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000">CVE-2007-5000</a>

Modified: httpd/site/trunk/docs/security/vulnerabilities_22.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_22.html?rev=608904&r1=608903&r2=608904&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_22.html (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_22.html Fri Jan  4 08:17:51 2008
@@ -94,6 +94,57 @@
   <blockquote>
 <dl>
 <dd>
+<b>low: </b>
+<b>
+<name name="CVE-2007-6422">mod_proxy_balancer DoS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422">CVE-2007-6422</a>
+<p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, an authorized user could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. This could lead to a denial of service if using a
+threaded Multi-Processing Module. </p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>low: </b>
+<b>
+<name name="CVE-2007-6421">mod_proxy_balancer XSS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421">CVE-2007-6421</a>
+<p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, a cross-site scripting attack against an
+authorized user is possible. </p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
+<name name="CVE-2007-6388">mod_status XSS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388">CVE-2007-6388</a>
+<p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
 <b>moderate: </b>
 <b>
 <name name="CVE-2007-5000">mod_imagemap XSS</name>

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=608904&r1=608903&r2=608904&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml Fri Jan  4 08:17:51 2008
@@ -1,4 +1,124 @@
-<security updated="20071211">
+<security updated="20080104">
+
+<issue fixed="2.2.7-dev" public="20080102" reported="20071212">
+<cve name="CVE-2007-6422"/>
+<severity level="4">low</severity>      
+<title>mod_proxy_balancer DoS</title>
+<description><p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, an authorized user could send a carefully
+crafted request that would cause the Apache child process handling that
+request to crash. This could lead to a denial of service if using a
+threaded Multi-Processing Module. </p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.7-dev" public="20080102" reported="20071212">
+<cve name="CVE-2007-6421"/>
+<severity level="4">low</severity>      
+<title>mod_proxy_balancer XSS</title>
+<description><p>
+A flaw was found in the mod_proxy_balancer module. On sites where
+mod_proxy_balancer is enabled, a cross-site scripting attack against an
+authorized user is possible. </p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.7-dev" public="20080102" reported="20071215">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>      
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p></description>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.62-dev" public="20080102" reported="20071215">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>      
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p></description>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
+
+<issue fixed="1.3.40-dev" public="20080102" reported="20071215">
+<cve name="CVE-2007-6388"/>
+<severity level="3">moderate</severity>      
+<title>mod_status XSS</title>
+<description><p>
+A flaw was found in the mod_status module. On sites where mod_status is
+enabled and the status pages were publicly accessible, a cross-site
+scripting attack is possible.
+Note that the server-status page is not enabled by default and it is best practice to not
make this publicly available.</p></description>
+<affects prod="httpd" version="1.3.39"/>
+<affects prod="httpd" version="1.3.37"/>
+<affects prod="httpd" version="1.3.36"/>
+<affects prod="httpd" version="1.3.35"/>
+<affects prod="httpd" version="1.3.34"/>
+<affects prod="httpd" version="1.3.33"/>
+<affects prod="httpd" version="1.3.32"/>
+<affects prod="httpd" version="1.3.31"/>
+<affects prod="httpd" version="1.3.29"/>
+<affects prod="httpd" version="1.3.28"/>
+<affects prod="httpd" version="1.3.27"/>
+<affects prod="httpd" version="1.3.26"/>
+<affects prod="httpd" version="1.3.24"/>
+<affects prod="httpd" version="1.3.22"/>
+<affects prod="httpd" version="1.3.20"/>
+<affects prod="httpd" version="1.3.19"/>
+<affects prod="httpd" version="1.3.17"/>
+<affects prod="httpd" version="1.3.14"/>
+<affects prod="httpd" version="1.3.12"/>
+<affects prod="httpd" version="1.3.11"/>
+<affects prod="httpd" version="1.3.9"/>
+<affects prod="httpd" version="1.3.6"/>
+<affects prod="httpd" version="1.3.4"/>
+<affects prod="httpd" version="1.3.3"/>
+<affects prod="httpd" version="1.3.2"/>
+</issue>
 
 <issue fixed="2.2.7-dev" public="20071211" reported="20071023">
 <cve name="CVE-2007-5000"/>



Mime
View raw message