Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 41282 invoked from network); 6 Nov 2010 12:32:05 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 6 Nov 2010 12:32:05 -0000 Received: (qmail 76662 invoked by uid 500); 6 Nov 2010 12:32:37 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 76463 invoked by uid 500); 6 Nov 2010 12:32:34 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 76456 invoked by uid 99); 6 Nov 2010 12:32:34 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 06 Nov 2010 12:32:34 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 06 Nov 2010 12:32:33 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id BD960238890B; Sat, 6 Nov 2010 12:31:19 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: svn commit: r1032023 - in /httpd/site/trunk/xdocs: download.xml mod_fcgid/index.en.xml Date: Sat, 06 Nov 2010 12:31:19 -0000 To: cvs@httpd.apache.org From: trawick@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101106123119.BD960238890B@eris.apache.org> Author: trawick Date: Sat Nov 6 12:31:19 2010 New Revision: 1032023 URL: http://svn.apache.org/viewvc?rev=1032023&view=rev Log: mod_fcgid 2.3.6 Modified: httpd/site/trunk/xdocs/download.xml httpd/site/trunk/xdocs/mod_fcgid/index.en.xml Modified: httpd/site/trunk/xdocs/download.xml URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/download.xml?rev=1032023&r1=1032022&r2=1032023&view=diff ============================================================================== --- httpd/site/trunk/xdocs/download.xml [utf-8] (original) +++ httpd/site/trunk/xdocs/download.xml [utf-8] Sat Nov 6 12:31:19 2010 @@ -253,45 +253,60 @@ href="http://www.apache.org/dist/httpd/a -
Apache mod_fcgid FastCGI module -for Apache HTTP Server released as 2.3.5 +
Apache mod_fcgid FastCGI module +for Apache HTTP Server released as 2.3.6 -

The Apache HTTP Server Project is pleased to announce the release of Apache -mod_fcgid version 2.3.5, a FastCGI module for Apache HTTP Server, for general -availability.

+

+ The Apache Software Foundation and the Apache HTTP Server Project are + pleased to announce the release of version 2.3.6 of mod_fcgid, a + FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and + future 2.4. This version of mod_fcgid is a bug fix release. +

+ +

+ A fix is included for CVE-2010-3872, a potential vulnerability which + can affect sites with untrusted FastCGI applications. +

+ +

+ Additionally, default configuration settings for request body handling + have been changed to prevent large system resource use. Administrators + of all versions of mod_fcgid are strongly cautioned to ensure that + FcgidMaxRequestLen is configured appropriately. +

For information about this module subproject, see the mod_fcgid module project page.

@@ -379,7 +394,8 @@ using

  • apache_1.3.42.tar.* are signed by Colm MacCárthaigh F39B3750
  • apache_*.msi are signed by William A Rowe Jr B55D9977(7F7214A7)
  • httpd-2.*-win32-src.zip are signed by William A. Rowe Jr. B55D9977(7F7214A7)
    • -
  • mod_fcgid-2.3.5.tar.* and mod_fcgid-2.3.5-crlf.zip are signed by Jeff Trawick 39FF092C
    • +
  • mod_fcgid-2.3.6.tar.* and mod_fcgid-2.3.6-crlf.zip are signed by Jeff Trawick 39FF092C
    • +
  • mod_fcgid-2.3.6-win32-x86.zip is signed by William A. Rowe Jr. B55D9977(7F7214A7)
  • mod_ftp-0.9.6-beta* are signed by William A. Rowe Jr. B55D9977(7F7214A7)
    • Modified: httpd/site/trunk/xdocs/mod_fcgid/index.en.xml URL: http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/mod_fcgid/index.en.xml?rev=1032023&r1=1032022&r2=1032023&view=diff ============================================================================== --- httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] (original) +++ httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] Sat Nov 6 12:31:19 2010 @@ -18,12 +18,30 @@

    -
    - Get It! +
    + mod_fcgid 2.3.6 released + +

    + The Apache Software Foundation and the Apache HTTP Server Project are + pleased to announce the release of version 2.3.6 of mod_fcgid, a + FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and + future 2.4. This version of mod_fcgid is a bug fix release. +

    + +

    + A fix is included for CVE-2010-3872, a potential vulnerability which + can affect sites with untrusted FastCGI applications. +

    + +

    + Additionally, default configuration settings for request body handling + have been changed to prevent large system resource use. Administrators + of all versions of mod_fcgid are strongly cautioned to ensure that + FcgidMaxRequestLen is configured appropriately. +

    - mod_fcgid 2.3.5 is now released for general availability! - You can get the source from + You can get the source and Windows binaries from your local mirror