Return-Path: 
 <dev-return-67426-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: (qmail 18054 invoked from network); 8 Jan 2010 12:29:43 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 8 Jan 2010 12:29:43 -0000
Received: (qmail 3997 invoked by uid 500); 8 Jan 2010 12:29:42 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 3913 invoked by uid 500); 8 Jan 2010 12:29:42 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 3904 invoked by uid 99); 8 Jan 2010 12:29:42 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 08 Jan 2010 12:29:42 +0000
X-ASF-Spam-Status: No, hits=1.2 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (nike.apache.org: local policy)
Received: from [209.85.160.45] (HELO mail-pw0-f45.google.com) (209.85.160.45)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 08 Jan 2010 12:29:33 +0000
Received: by pwj1 with SMTP id 1so12865637pwj.24
        for <multiple recipients>; Fri, 08 Jan 2010 04:29:11 -0800 (PST)
MIME-Version: 1.0
Received: by 10.141.100.13 with SMTP id c13mr12191189rvm.33.1262953751437;
	Fri, 08 Jan 2010 04:29:11 -0800 (PST)
Date: Fri, 8 Jan 2010 12:29:11 +0000
Message-ID: <6f5b6fe71001080429i64c10db8n797e1cb4c71354b6@mail.gmail.com>
Subject: [VOTE] 1.3.42 release candidate
From: =?ISO-8859-1?Q?Colm_MacC=E1rthaigh?= <colm@allcosts.net>
To: dev@httpd.apache.org, current-testers@httpd.apache.org,
	stable-testers@httpd.apache.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked by ClamAV on apache.org

There is a 1.3.42 release candidate for testing, and voting, at;

         http://people.apache.org/~colm/1.3.42/

As per the changes, there are two updates;

 *) SECURITY: CVE-2010-0010 (cve.mitre.org)
     mod_proxy: Prevent chunk-size integer overflow on platforms
     where sizeof(int) < sizeof(long). Reported by Adam Zabrocki.
     [Colm MacC=E1rthaigh

  *) Protect logresolve from mismanaged DNS records that return
     blank/null hostnames. [Jim Jagielski]

Notes;

this is intended as the final release of Apache httpd 1.3, which has
reached end of life. Security updates may continue to be provided by
another means (see the CHANGES file for details).

Apache httpd 1.3's "./configure" script does not work with some
versions of "dash". Please change the hash-bang line to execute a
bourne-compatible shell, such as "/bin/bash" on platforms affected.

Many thanks in advance for your help and testing.

--=20
Colm