httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe JAILLET <christophe.jail...@wanadoo.fr>
Subject Re: vulnerabilities page vs change log
Date Fri, 04 Jun 2021 18:01:59 GMT
Le 04/06/2021 à 09:45, Steffen Land a écrit :
> 
> 
> Thanks Christophe for all the work,  nice process changes !
> 
> See a little one:
> 
> - at https://httpd.apache.org/security/vulnerabilities_24.html I see 
> under 2.4.48 the CVE 13938 and in the change log  under 2.4.47
> 
> - in changelog I see under 2.4.48 the CVE 31618 and at the page under 
> 2.4.47
> 
> Steffen
> 
Hi,

you are right Steffen.

Hopefully, the new tools dedicated to CVE management provided by 
apache.org will help us avoid these small copy/paste issues.

I also plan to add some checks in our internal tools to catch such cases.

In the above cases, CHANGES is right (vulnerabilities_24.html is wrong)
This will be fixed by tomorrow.

Thanks for reporting.

CJ


Mime
View raw message