httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject svn commit: r1025512 - /httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
Date Wed, 20 Oct 2010 11:47:12 GMT
Author: mjc
Date: Wed Oct 20 11:47:11 2010
New Revision: 1025512

URL: http://svn.apache.org/viewvc?rev=1025512&view=rev
Log:
Add first missing issue

Modified:
    httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml

Modified: httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml?rev=1025512&r1=1025511&r2=1025512&view=diff
==============================================================================
--- httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] (original)
+++ httpd/site/trunk/xdocs/security/vulnerabilities-httpd.xml [utf-8] Wed Oct 20 11:47:11
2010
@@ -1,4 +1,68 @@
-<security updated="20101019">
+<security updated="20101020">
+
+<issue fixed="2.2.17" reported="20100303" public="20101001" released="20101019">
+<cve name="CVE-2010-1623"/>
+<severity level="4">low</severity>
+<title>apr_bridage_split_line DoS</title>
+<description><p>
+A flaw was found in the apr_brigade_split_line() function of the bundled
+APR-util library, used to process non-SSL requests.  A remote attacker
+could send carefully crafted requests which would slowly consume
+memory, potentially leading to a denial of service.
+</p>
+</description>
+<affects prod="httpd" version="2.2.16"/>
+<affects prod="httpd" version="2.2.15"/>
+<affects prod="httpd" version="2.2.14"/>
+<affects prod="httpd" version="2.2.13"/>
+<affects prod="httpd" version="2.2.12"/>
+<affects prod="httpd" version="2.2.11"/>
+<affects prod="httpd" version="2.2.10"/>
+<affects prod="httpd" version="2.2.9"/>
+<affects prod="httpd" version="2.2.8"/>
+<affects prod="httpd" version="2.2.6"/>
+<affects prod="httpd" version="2.2.5"/>
+<affects prod="httpd" version="2.2.4"/>
+<affects prod="httpd" version="2.2.3"/>
+<affects prod="httpd" version="2.2.2"/>
+<affects prod="httpd" version="2.2.0"/>
+</issue>
+
+<issue fixed="2.0.64" reported="20100303" public="20101001" released="20101019">
+<cve name="CVE-2010-1623"/>
+<severity level="4">low</severity>
+<title>apr_bridage_split_line DoS</title>
+<description><p>
+A flaw was found in the apr_brigade_split_line() function of the bundled
+APR-util library, used to process non-SSL requests.  A remote attacker
+could send carefully crafted requests which would slowly consume
+memory, potentially leading to a denial of service.
+</p>
+</description>
+<affects prod="httpd" version="2.0.63"/>
+<affects prod="httpd" version="2.0.61"/>
+<affects prod="httpd" version="2.0.59"/>
+<affects prod="httpd" version="2.0.58"/>
+<affects prod="httpd" version="2.0.55"/>
+<affects prod="httpd" version="2.0.54"/>
+<affects prod="httpd" version="2.0.53"/>
+<affects prod="httpd" version="2.0.52"/>
+<affects prod="httpd" version="2.0.51"/>
+<affects prod="httpd" version="2.0.50"/>
+<affects prod="httpd" version="2.0.49"/>
+<affects prod="httpd" version="2.0.48"/>
+<affects prod="httpd" version="2.0.47"/>
+<affects prod="httpd" version="2.0.46"/>
+<affects prod="httpd" version="2.0.45"/>
+<affects prod="httpd" version="2.0.44"/>
+<affects prod="httpd" version="2.0.43"/>
+<affects prod="httpd" version="2.0.42"/>
+<affects prod="httpd" version="2.0.40"/>
+<affects prod="httpd" version="2.0.39"/>
+<affects prod="httpd" version="2.0.37"/>
+<affects prod="httpd" version="2.0.36"/>
+<affects prod="httpd" version="2.0.35"/>
+</issue>
 
 <issue fixed="2.2.16" reported="20100504" public="20100725" released="20100725">
 <cve name="CVE-2010-1452"/>



Mime
View raw message