httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r1032024 - in /httpd/site/trunk/docs: download.html mod_fcgid/index.en.html
Date Sat, 06 Nov 2010 12:34:07 GMT
Author: trawick
Date: Sat Nov  6 12:34:07 2010
New Revision: 1032024

URL: http://svn.apache.org/viewvc?rev=1032024&view=rev
Log:
generated html

Modified:
    httpd/site/trunk/docs/download.html
    httpd/site/trunk/docs/mod_fcgid/index.en.html

Modified: httpd/site/trunk/docs/download.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/download.html?rev=1032024&r1=1032023&r2=1032024&view=diff
==============================================================================
--- httpd/site/trunk/docs/download.html [utf-8] (original)
+++ httpd/site/trunk/docs/download.html [utf-8] Sat Nov  6 12:34:07 2010
@@ -341,48 +341,61 @@ not compatible with Apache 2.x.</p>
  <td bgcolor="#828DA6">
   <font color="#ffffff" face="arial,helvetica,sanserif">
    <a name="mod_fcgid"><strong>Apache mod_fcgid FastCGI module 
-for Apache HTTP Server released as 2.3.5</strong></a>
+for Apache HTTP Server released as 2.3.6</strong></a>
   </font>
  </td>
  <td bgcolor="#828DA6" align="right">
   <font color="#ffffff" face="arial,helvetica,sanserif">
-   <strong>2010-01-27</strong>
+   <strong>2010-11-06</strong>
   </font>
  </td>
  </tr>
  <tr><td colspan="2">
   <blockquote>
-<p>The Apache HTTP Server Project is pleased to announce the release of Apache
-mod_fcgid version 2.3.5, a FastCGI module for Apache HTTP Server, for general
-availability.</p>
+<p>
+  The Apache Software Foundation and the Apache HTTP Server Project are
+  pleased to announce the release of version 2.3.6 of mod_fcgid, a
+  FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and 
+  future 2.4.  This version of mod_fcgid is a bug fix release.
+</p>
+<p>
+  A fix is included for CVE-2010-3872, a potential vulnerability which
+  can affect sites with untrusted FastCGI applications.
+</p>
+<p>
+  Additionally, default configuration settings for request body handling
+  have been changed to prevent large system resource use.  Administrators
+  of all versions of mod_fcgid are strongly cautioned to ensure that
+  FcgidMaxRequestLen is configured appropriately.
+</p>
 <p>For information about this module subproject, see the <a href="http://httpd.apache.org/mod_fcgid/">mod_fcgid
module project page</a>.</p>
 <ul>
 <li>Unix Source as gzip with LF line endings: 
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.gz">mod_fcgid-2.3.5.tar.gz</a>

-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.gz.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.gz.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.gz.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz">mod_fcgid-2.3.6.tar.gz</a>

+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.sha1">SHA1</a>]
 </li>
 
 <li>Unix Source as bz2 with LF line endings: 
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.bz2">mod_fcgid-2.3.5.tar.bz2</a>

-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.bz2.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.bz2.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5.tar.bz2.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2">mod_fcgid-2.3.6.tar.bz2</a>

+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.sha1">SHA1</a>]
 </li>
 
 <li>Win32, Netware or OS/2 Source with CR/LF line endings: 
-<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.5-crlf.zip">mod_fcgid-2.3.5-crlf.zip</a>

-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5-crlf.zip.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5-crlf.zip.md5">MD5</a>]
-[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.5-crlf.zip.sha1">SHA1</a>]
+<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip">mod_fcgid-2.3.6-crlf.zip</a>

+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.md5">MD5</a>]
+[<a href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.sha1">SHA1</a>]
 </li>
 
 <li>Win32 binary build (unzip over the installed Apache 2.2 directory):
-<a href="[preferred]/httpd/binaries/win32/mod_fcgid-2.3.5-win32-x86.zip">mod_fcgid-2.3.5-win32-x86.zip</a>

-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.5-win32-x86.zip.asc">PGP</a>]
-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.5-win32-x86.zip.sha1">SHA1</a>]
-[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.5-win32-x86.zip.md5">MD5</a>]
+<a href="[preferred]/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip">mod_fcgid-2.3.6-win32-x86.zip</a>

+[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.asc">PGP</a>]
+[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.sha1">SHA1</a>]
+[<a href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.md5">MD5</a>]
 </li>
 
 </ul>
@@ -481,7 +494,8 @@ using</p>
 <li>apache_1.3.42.tar.* are signed by Colm MacCárthaigh <code>F39B3750</code></li>
 <li>apache_*.msi are signed by William A Rowe Jr <code>B55D9977(7F7214A7)</code></li>
 <li>httpd-2.*-win32-src.zip are signed by William A. Rowe Jr. <code>B55D9977(7F7214A7)</code></li>
-<li>mod_fcgid-2.3.5.tar.* and mod_fcgid-2.3.5-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
+<li>mod_fcgid-2.3.6.tar.* and mod_fcgid-2.3.6-crlf.zip are signed by Jeff Trawick <code>39FF092C</code></li>
+<li>mod_fcgid-2.3.6-win32-x86.zip is signed by William A. Rowe Jr. <code>B55D9977(7F7214A7)</code></li>
 <li>mod_ftp-0.9.6-beta* are signed by William A. Rowe Jr. <code>B55D9977(7F7214A7)</code></li>
 </ul>
 <p>Alternatively, you can verify the MD5 signature on the files.  A

Modified: httpd/site/trunk/docs/mod_fcgid/index.en.html
URL: http://svn.apache.org/viewvc/httpd/site/trunk/docs/mod_fcgid/index.en.html?rev=1032024&r1=1032023&r2=1032024&view=diff
==============================================================================
--- httpd/site/trunk/docs/mod_fcgid/index.en.html [utf-8] (original)
+++ httpd/site/trunk/docs/mod_fcgid/index.en.html [utf-8] Sat Nov  6 12:34:07 2010
@@ -87,15 +87,35 @@ href="/info/">Miscellaneous</a></b></p>
  <tr>
  <td bgcolor="#525D76">
   <font color="#ffffff" face="arial,helvetica,sanserif">
-   <strong>Get It!</strong>
+   <strong>mod_fcgid 2.3.6 released</strong>
+  </font>
+ </td>
+ <td bgcolor="#525D76" align="right">
+  <font color="#ffffff" face="arial,helvetica,sanserif">
+   <strong>2010-11-06</strong>
   </font>
  </td>
  </tr>
- <tr><td>
+ <tr><td colspan="2">
   <blockquote>
 <p>
-    <tt>mod_fcgid</tt> 2.3.5 is now released for general availability!
-    You can get the source from
+  The Apache Software Foundation and the Apache HTTP Server Project are
+  pleased to announce the release of version 2.3.6 of mod_fcgid, a
+  FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and 
+  future 2.4.  This version of mod_fcgid is a bug fix release.
+</p>
+<p>
+  A fix is included for CVE-2010-3872, a potential vulnerability which
+  can affect sites with untrusted FastCGI applications.
+</p>
+<p>
+  Additionally, default configuration settings for request body handling
+  have been changed to prevent large system resource use.  Administrators
+  of all versions of mod_fcgid are strongly cautioned to ensure that
+  FcgidMaxRequestLen is configured appropriately.
+</p>
+<p>
+    You can get the source and Windows binaries from
     <a href="http://httpd.apache.org/download.cgi#mod_fcgid">your local mirror</a>
   </p>
 <p>Development of mod_fcgid can be followed through the



Mime
View raw message