Date: Thu, 1 Sep 2011 20:47:19 +0100 From: Chris Rees <crees@freebsd.org> To: Andrey Chernov <ache@freebsd.org>, Chris Rees <crees@freebsd.org>, ports-committers@freebsd.org, cvs-ports@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <CADLo838Pa6zCtAaw94xE2mQcNY-4yCNDiszOXUy6QYWXJHdhrg@mail.gmail.com> In-Reply-To: <20110901194253.GA84679@vniz.net> References: <201109011906.p81J6RVU069402@repoman.freebsd.org> <20110901194253.GA84679@vniz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 1 September 2011 20:42, Andrey Chernov <ache@freebsd.org> wrote: > On Thu, Sep 01, 2011 at 07:06:27PM +0000, Chris Rees wrote: >> crees =A0 =A0 =A0 2011-09-01 19:06:27 UTC >> >> =A0 FreeBSD ports repository >> >> =A0 Modified files: >> =A0 =A0 security/vuxml =A0 =A0 =A0 vuln.xml >> =A0 Log: >> =A0 Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected. >> > > According to http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2011-319= 2 > 1.3 _is_ affected and there will be no fix for 1.3: > "Note that, while popular, Apache 1.3 is deprecated." (from > announce@httpd advisory about ranges bug). > Yeah, there's an update from yesterday at https://people.apache.org/~dirkx/CVE-2011-3192.txt Perhaps I should have put the link rather than the CVE name, sorry. Although there's a problem with apache13, it's no longer a showstopper, just causes slowdowns. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo838Pa6zCtAaw94xE2mQcNY-4yCNDiszOXUy6QYWXJHdhrg>