httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r792936 - in /httpd/site/trunk: docs/security/vulnerabilities-oval.xml docs/security/vulnerabilities_22.html xdocs/security/vulnerabilities-httpd.xml
Date Fri, 10 Jul 2009 13:15:00 GMT
Author: mjc
Date: Fri Jul 10 13:15:00 2009
New Revision: 792936

URL: http://svn.apache.org/viewvc?rev=792936&view=rev
Log:
Add the three apr-util issues bundled into 2.2.12-dev

Modified:
    httpd/site/trunk/docs/security/vulnerabilities-oval.xml
    httpd/site/trunk/docs/security/vulnerabilities_22.html
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/docs/security/vulnerabilities-oval.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities-oval.xml?rev=792936&r1=792935&r2=792936&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities-oval.xml (original)
+++ httpd/site/trunk/docs/security/vulnerabilities-oval.xml Fri Jul 10 13:15:00 2009
@@ -5,6 +5,71 @@
 <oval:timestamp>2005-10-12T18:13:45</oval:timestamp>
 </generator>
 <definitions>
+<definition id="oval:org.apache.httpd:def:20091956" version="1" class="vulnerability">
+<metadata>
+<title>APR-util off-by-one overflow</title>
+<reference source="CVE" ref_id="CVE-2009-1956" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956"/>
+<description>
+An off-by-one overflow flaw was found in the way the bundled copy of
+the APR-util library processed a variable list of arguments. An
+attacker could provide a specially-crafted string as input for the
+formatted output conversion routine, which could, on big-endian
+platforms, potentially lead to the disclosure of sensitive information
+or a denial of service.
+</description>
+<apache_httpd_repository>
+<public>20090424</public>
+<reported/>
+<released/>
+<severity level="3">moderate</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
+<definition id="oval:org.apache.httpd:def:20091955" version="1" class="vulnerability">
+<metadata>
+<title>APR-util XML DoS</title>
+<reference source="CVE" ref_id="CVE-2009-1955" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955"/>
+<description>
+A denial of service flaw was found in the bundled copy of the APR-util
+library Extensible Markup Language (XML) parser. A remote attacker
+could create a specially-crafted XML document that would cause
+excessive memory consumption when processed by the XML decoding
+engine.
+</description>
+<apache_httpd_repository>
+<public>20090601</public>
+<reported/>
+<released/>
+<severity level="3">moderate</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
 <definition id="oval:org.apache.httpd:def:20091891" version="1" class="vulnerability">
 <metadata>
 <title>mod_deflate DoS</title>
@@ -121,6 +186,38 @@
 </criteria>
 </criteria>
 </definition>
+<definition id="oval:org.apache.httpd:def:20090023" version="1" class="vulnerability">
+<metadata>
+<title>APR-util heap underwrite</title>
+<reference source="CVE" ref_id="CVE-2009-0023" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023"/>
+<description>
+A heap-based underwrite flaw was found in the way the bundled copy of
+the APR-util library created compiled forms of particular search
+patterns. An attacker could formulate a specially-crafted search
+keyword, that would overwrite arbitrary heap memory locations when
+processed by the pattern preparation engine.
+</description>
+<apache_httpd_repository>
+<public>20090601</public>
+<reported/>
+<released/>
+<severity level="3">moderate</severity>
+</apache_httpd_repository>
+</metadata>
+<criteria operator="OR">
+<criteria operator="OR">
+<criterion test_ref="oval:org.apache.httpd:tst:2211" comment="the version of httpd is
2.2.11"/>
+<criterion test_ref="oval:org.apache.httpd:tst:229" comment="the version of httpd is 2.2.9"/>
+<criterion test_ref="oval:org.apache.httpd:tst:228" comment="the version of httpd is 2.2.8"/>
+<criterion test_ref="oval:org.apache.httpd:tst:226" comment="the version of httpd is 2.2.6"/>
+<criterion test_ref="oval:org.apache.httpd:tst:225" comment="the version of httpd is 2.2.5"/>
+<criterion test_ref="oval:org.apache.httpd:tst:224" comment="the version of httpd is 2.2.4"/>
+<criterion test_ref="oval:org.apache.httpd:tst:223" comment="the version of httpd is 2.2.3"/>
+<criterion test_ref="oval:org.apache.httpd:tst:222" comment="the version of httpd is 2.2.2"/>
+<criterion test_ref="oval:org.apache.httpd:tst:220" comment="the version of httpd is 2.2.0"/>
+</criteria>
+</criteria>
+</definition>
 <definition id="oval:org.apache.httpd:def:20082939" version="1" class="vulnerability">
 <metadata>
 <title>mod_proxy_ftp globbing XSS</title>

Modified: httpd/site/trunk/docs/security/vulnerabilities_22.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/security/vulnerabilities_22.html?rev=792936&r1=792935&r2=792936&view=diff
==============================================================================
--- httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] (original)
+++ httpd/site/trunk/docs/security/vulnerabilities_22.html [utf-8] Fri Jul 10 13:15:00 2009
@@ -166,6 +166,64 @@
       Affects: 
     2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
 </dd>
+<dd>
+<b>moderate: </b>
+<b>
+<name name="CVE-2009-1956">APR-util off-by-one overflow</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956">CVE-2009-1956</a>
+<p>
+An off-by-one overflow flaw was found in the way the bundled copy of
+the APR-util library processed a variable list of arguments. An
+attacker could provide a specially-crafted string as input for the
+formatted output conversion routine, which could, on big-endian
+platforms, potentially lead to the disclosure of sensitive information
+or a denial of service.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
+<name name="CVE-2009-1955">APR-util XML DoS</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955">CVE-2009-1955</a>
+<p>
+A denial of service flaw was found in the bundled copy of the APR-util
+library Extensible Markup Language (XML) parser. A remote attacker
+could create a specially-crafted XML document that would cause
+excessive memory consumption when processed by the XML decoding
+engine.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
+<dd>
+<b>moderate: </b>
+<b>
+<name name="CVE-2009-0023">APR-util heap underwrite</name>
+</b>
+<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023">CVE-2009-0023</a>
+<p>
+A heap-based underwrite flaw was found in the way the bundled copy of
+the APR-util library created compiled forms of particular search
+patterns. An attacker could formulate a specially-crafted search
+keyword, that would overwrite arbitrary heap memory locations when
+processed by the pattern preparation engine.
+</p>
+</dd>
+<dd />
+<dd>
+      Affects: 
+    2.2.11, 2.2.9, 2.2.8, 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, 2.2.0<p />
+</dd>
 </dl>
   </blockquote>
  </td></tr>

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=792936&r1=792935&r2=792936&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] Fri Jul 10 13:15:00
2009
@@ -1,5 +1,50 @@
 <security updated="20090709">
 
+<issue fixed="2.2.12-dev" public="20090424" released="">
+<cve name="CVE-2009-1956"/>
+<severity level="3">moderate</severity>
+<title>APR-util off-by-one overflow</title>
+<description><p>
+An off-by-one overflow flaw was found in the way the bundled copy of
+the APR-util library processed a variable list of arguments. An
+attacker could provide a specially-crafted string as input for the
+formatted output conversion routine, which could, on big-endian
+platforms, potentially lead to the disclosure of sensitive information
+or a denial of service.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.2.12-dev" public="20090601" released="">
+<cve name="CVE-2009-1955"/>
+<severity level="3">moderate</severity>
+<title>APR-util XML DoS</title>
+<description><p>
+A denial of service flaw was found in the bundled copy of the APR-util
+library Extensible Markup Language (XML) parser. A remote attacker
+could create a specially-crafted XML document that would cause
+excessive memory consumption when processed by the XML decoding
+engine.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
 <issue fixed="2.2.12-dev" public="20090626" reported="20090626" released="">
 <cve name="CVE-2009-1891"/>
 <severity level="4">low</severity>
@@ -80,6 +125,28 @@
 <affects prod="httpd" version="2.2.11"/>
 </issue>
 
+<issue fixed="2.2.12-dev" public="20090601" released="">
+<cve name="CVE-2009-0023"/>
+<severity level="3">moderate</severity>
+<title>APR-util heap underwrite</title>
+<description><p>
+A heap-based underwrite flaw was found in the way the bundled copy of
+the APR-util library created compiled forms of particular search
+patterns. An attacker could formulate a specially-crafted search
+keyword, that would overwrite arbitrary heap memory locations when
+processed by the pattern preparation engine.
+</p></description>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
 <issue fixed="2.2.10" public="20080805" reported="20080728" released="20081031">
 <cve name="CVE-2008-2939"/>
 <severity level="4">low</severity>



Mime
View raw message