On 1 September 2011 20:42, Andrey Chernov <a...@freebsd.org> wrote: > On Thu, Sep 01, 2011 at 07:06:27PM +0000, Chris Rees wrote: >> crees 2011-09-01 19:06:27 UTC >> >> FreeBSD ports repository >> >> Modified files: >> security/vuxml vuln.xml >> Log: >> Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected. >> > > According to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 > 1.3 _is_ affected and there will be no fix for 1.3: > "Note that, while popular, Apache 1.3 is deprecated." (from > announce@httpd advisory about ranges bug). >
Yeah, there's an update from yesterday at https://people.apache.org/~dirkx/CVE-2011-3192.txt Perhaps I should have put the link rather than the CVE name, sorry. Although there's a problem with apache13, it's no longer a showstopper, just causes slowdowns. Chris _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"
