httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r817477 - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities_24.html
Date Sun, 13 May 2012 14:52:05 GMT
Author: buildbot
Date: Sun May 13 14:52:05 2012
New Revision: 817477

Log:
Staging update by buildbot for httpd

Modified:
    websites/staging/httpd/trunk/content/   (props changed)
    websites/staging/httpd/trunk/content/security/vulnerabilities_24.html

Propchange: websites/staging/httpd/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun May 13 14:52:05 2012
@@ -1 +1 @@
-1337898
+1337900

Modified: websites/staging/httpd/trunk/content/security/vulnerabilities_24.html
==============================================================================
--- websites/staging/httpd/trunk/content/security/vulnerabilities_24.html (original)
+++ websites/staging/httpd/trunk/content/security/vulnerabilities_24.html Sun May 13 14:52:05
2012
@@ -92,19 +92,16 @@ older releases. Consult the <a href="vul
 list</a> for more information.</em> </p>
 <h1 id="2.4.2">Fixed in Apache httpd 2.4.2</h1>
 <dl>
-<dd><strong>low:</strong>  <strong><name name="CVE-2012-0883">insecure
LD_LIBRARY_PATH
-  handling</name></strong> 
-  <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883">CVE-2012-0883</a>
</dd>
-<dt>Insecure handling of LD_LIBRARY_PATH was found that could lead to the</dt>
-<dt>current working directory to be searched for DSOs. This could allow a local</dt>
-<dt>user to execute code as root if an administrator runs apachectl from an</dt>
-<dt>untrusted directory.</dt>
+<dt><strong>low: <name name="CVE-2012-0883">insecure LD_LIBRARY_PATH handling</name>
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883">CVE-2012-0883</a></strong></dt>
 <dd>
-<p>Reported to security team: 14th February 2012<br></br>Issue public:
- 2nd March 2012<br></br>Update released: 17th April 2012<br></br></p>
-</dd>
-<dd>
-<p>Affected: 2.4.1</p>
+<p>Insecure handling of LD_LIBRARY_PATH was found that could lead to the
+current working directory to be searched for DSOs. This could allow a local
+user to execute code as root if an administrator runs apachectl from an
+untrusted directory.</p>
+<p><em>Reported to security team</em>: 14th February 2012<br/>
+<em>Issue public</em>: 2nd March 2012<br/>
+<em>Update released</em>: 17th April 2012<br/>
+<em>Affected</em>: 2.4.1<br/></p>
 </dd>
 </dl>
             



Mime
View raw message