Apache | Dev

Apache | Dev Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/apache/dev/ en-us (c) Gossamer Threads Inc. All rights reserved. 16 May 2008 21:12:40 -0800 120 Gossamer Threads | Apache | Dev 75 23 http://www.gossamer-threads.com/lists/apache/dev/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Re: httpd lib depencies Philip M. Gollucci wrote: > Is this close ? > > The only way I found to figure this out is to unpack each http distribution > and look in 'CHANGES' > 16 May 2008 19:32:56 -0800 http://www.gossamer-threads.com/lists/apache/dev/351696 Debian gaffe (DSA-1571-1, CVE-2008-016) The debian gaffe also affects any 'req's or self-signed certs created on the affected platform. Unfortunately the blacklists generated by folks are 16 May 2008 13:11:43 -0800 http://www.gossamer-threads.com/lists/apache/dev/351684 [PATCH] Response to TRACE garbled from EBCDIC platform The response to TRACE when "TraceEnable Off" is not used on an EBCDIC platform is partially in ASCII and partially in EBCDIC (part readable, part garb 15 May 2008 10:54:35 -0800 http://www.gossamer-threads.com/lists/apache/dev/351653 bugs/inappropriate coding practice discovered by interprocedural code analysis for version 2.2.8 of Apache Dear Apache-HTTPD developers, I am a Ph.D student in the Software Engineering Research Group of EECS department in Case Western Reserve University, 14 May 2008 11:44:19 -0800 http://www.gossamer-threads.com/lists/apache/dev/351609 Correction to BID 29112 "Apache Server HTML Injection and UTF-7 XSS Vulnerability" HTTP User and Desktop Security Communities; With respect to http://www.securityfocus.com/bid/29112 Per http://www.ietf.org/rfc/rfc2616.txt 3.7.1 Ca 14 May 2008 10:27:42 -0800 http://www.gossamer-threads.com/lists/apache/dev/351607 CVE-2008-2168 > Cross-site scripting (XSS) vulnerability when displaying the 403 Forbidden error page I can't find any info about this issue on the site. I guess 14 May 2008 04:35:12 -0800 http://www.gossamer-threads.com/lists/apache/dev/351590 Impact of OpenSSL Randomness issues on Debian If you are just catching up: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166 http://it.slashdot.org/article.pl?sid=08/05/13/1533212 Most of the tal 13 May 2008 14:18:29 -0800 http://www.gossamer-threads.com/lists/apache/dev/351562 Missing vote for persistent SSL backend proxy connections I know that the following patch really requires some work to review, but it is missing only one vote and it would be really worth to be included in 2. 13 May 2008 14:02:01 -0800 http://www.gossamer-threads.com/lists/apache/dev/351561 Re: svn commit: r655711 - in /httpd/httpd/trunk: CHANGES support/suexec.c On 05/13/2008 04:21 AM, fielding@apache.org wrote: > Author: fielding > Date: Mon May 12 19:21:33 2008 > New Revision: 655711 > > URL: http://svn.apa 13 May 2008 12:30:58 -0800 http://www.gossamer-threads.com/lists/apache/dev/351560 Re: svn commit: r655594 - /httpd/httpd/branches/2.2.x/STATUS On 05/12/2008 08:39 PM, jim@apache.org wrote: > Author: jim > Date: Mon May 12 11:39:34 2008 > New Revision: 655594 > > URL: http://svn.apache.org/vi 12 May 2008 13:33:21 -0800 http://www.gossamer-threads.com/lists/apache/dev/351478