httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <di...@webweaving.org>
Subject CVE-2011-3192 (Was: CVE (Was: DoS with mod_deflate & range requests))
Date Wed, 24 Aug 2011 11:43:28 GMT
The new Range: header has been given the CVE of

	CVE-2011-3192

Please use that in subjects, commits and what not.

Thanks,

Dw.

On 24 Aug 2011, at 09:28, Dirk-Willem van Gulik wrote:

> Folks,
> 
> Have we done (or who is doing a CVE) on this ? So we get immediate 'fixes' out like a
tiny patch to count the comma's, a caveated LimitRequestFieldSize 100 or a clever Regex on
%{HTTP_Range}.
> 
> Or am I totally asleep and missed the CVE (as my google foo only nets me CVE-2005-2728
right now - which is from 2005!).
> 
> Dw.
> 


Mime
View raw message