Date: Thu, 1 Sep 2011 23:42:53 +0400 From: Andrey Chernov <ache@FreeBSD.ORG> To: Chris Rees <crees@FreeBSD.ORG> Cc: cvs-ports@FreeBSD.ORG, cvs-all@FreeBSD.ORG, ports-committers@FreeBSD.ORG Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <20110901194253.GA84679@vniz.net> In-Reply-To: <201109011906.p81J6RVU069402@repoman.freebsd.org> References: <201109011906.p81J6RVU069402@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 01, 2011 at 07:06:27PM +0000, Chris Rees wrote: > crees 2011-09-01 19:06:27 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected. > According to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 1.3 _is_ affected and there will be no fix for 1.3: "Note that, while popular, Apache 1.3 is deprecated." (from announce@httpd advisory about ranges bug). -- http://ache.vniz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110901194253.GA84679>