httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe JAILLET <christophe.jail...@wanadoo.fr>
Subject Re: vulnerabilities page vs change log
Date Sun, 06 Jun 2021 09:02:33 GMT


Le 04/06/2021 à 20:01, Christophe JAILLET a écrit :
> Le 04/06/2021 à 09:45, Steffen Land a écrit :
>>
>>
>> Thanks Christophe for all the work,  nice process changes !
>>
>> See a little one:
>>
>> - at https://httpd.apache.org/security/vulnerabilities_24.html I see 
>> under 2.4.48 the CVE 13938 and in the change log  under 2.4.47
>>
>> - in changelog I see under 2.4.48 the CVE 31618 and at the page under 
>> 2.4.47
>>
>> Steffen
>>
> Hi,
> 
> you are right Steffen.
> 
> Hopefully, the new tools dedicated to CVE management provided by 
> apache.org will help us avoid these small copy/paste issues.
> 
> I also plan to add some checks in our internal tools to catch such cases.
> 
> In the above cases, CHANGES is right (vulnerabilities_24.html is wrong)
> This will be fixed by tomorrow.
> 
> Thanks for reporting.
> 
> CJ
> 

Hi,
This should be fixed now. If you spot anything else that looks spurious, 
do not hesitate to notify us.

CJ

Mime
View raw message