httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch>
Subject RE: XSS vulnerability in mod_negotiation - status in 2.2.8?
Date Wed, 06 Feb 2008 11:57:16 GMT

On Wed, 6 Feb 2008, Boyle Owen wrote:

> It is clear to me now that this is a storm in a teacup. I note also that
> the "vulnerability" never made it to the CVE database so I think we can
> decide on "no further action".

That's not true. CVE-2008-0455 and CVE-2008-0456 have been assigned to 
this issue. Maybe the apache security team should contact mitre so that 
these entries are marked as disputed.


View raw message