httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe JAILLET <christophe.jail...@wanadoo.fr>
Subject Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json
Date Wed, 09 Jun 2021 20:10:10 GMT
Le 08/06/2021 à 13:42, mjc@apache.org a écrit :
> Author: mjc
> Date: Tue Jun  8 11:42:36 2021
> New Revision: 1890598
> 
> URL: http://svn.apache.org/viewvc?rev=1890598&view=rev
> Log:
> Fix the release date and version
> 
> Modified:
>      httpd/site/trunk/content/security/json/CVE-2019-17567.json
>      httpd/site/trunk/content/security/json/CVE-2020-13938.json
>      httpd/site/trunk/content/security/json/CVE-2020-13950.json
>      httpd/site/trunk/content/security/json/CVE-2020-35452.json
>      httpd/site/trunk/content/security/json/CVE-2021-26690.json
>      httpd/site/trunk/content/security/json/CVE-2021-26691.json
>      httpd/site/trunk/content/security/json/CVE-2021-30641.json
>      httpd/site/trunk/content/security/json/CVE-2021-31618.json
> 
> Modified: httpd/site/trunk/content/security/json/CVE-2019-17567.json
> URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2019-17567.json?rev=1890598&r1=1890597&r2=1890598&view=diff
> ==============================================================================
> --- httpd/site/trunk/content/security/json/CVE-2019-17567.json (original)
> +++ httpd/site/trunk/content/security/json/CVE-2019-17567.json Tue Jun  8 11:42:36 2021
> @@ -13,14 +13,14 @@
>         "value": "reported"
>       },
>       {
> -      "time": "--",
> +      "time": "2021-06-01",
>         "lang": "eng",
>         "value": "public"
>       },
>       {
> -      "time": "--",
> +      "time": "2021-06-01",
>         "lang": "eng",
> -      "value": "2.4.47 released"
> +      "value": "2.4.48 released"
>       }
>     ],
>     "CNA_private": {
> @@ -30,7 +30,7 @@
>       "ASSIGNER": "security@apache.org",
>       "AKA": "",
>       "STATE": "PUBLIC",
> -    "DATE_PUBLIC": "--",
> +    "DATE_PUBLIC": "2021-06-01",
>       "ID": "CVE-2019-17567",
>       "TITLE": "mod_proxy_wstunnel tunneling of non Upgraded connections"
>     },
> @@ -210,4 +210,4 @@
>         ]
>       }
>     }
> -}
> \ No newline at end of file
> +}
> 
> 

Not a big issue from my point of view, but now cvetool, CHANGES and 
CHANGES_2.48 are not in line anymore with vulnerabilities_xx.html

My own preference is for keeping 2.4.47 because it was really fixed in 
this version, even if not announced.

I guess that it is mostly a matter of taste and that both point of view 
are acceptable.

CJ

Mime
View raw message