From: Mark J. Cox Date: Thu, 2 Sep 2004 09:37:38 +0000 (+0000) Subject: Promote CAN references to final CVE references for the CVE update X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba2ef62787df77247c711d249e8dd844df6e6b74;p=thirdparty%2Fapache%2Fhttpd.git Promote CAN references to final CVE references for the CVE update that happened last night PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@104929 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/src/CHANGES b/src/CHANGES index c24a82b1f96..16bdde724bc 100644 --- a/src/CHANGES +++ b/src/CHANGES @@ -72,7 +72,7 @@ Changes with Apache 1.3.30 NONBLOCK_WHEN_MULTI_LISTEN if needed for your platform and not already defined. [Jeff Trawick, Brad Nicholes, Joe Orton] - *) SECURITY: CAN-2003-0993 (cve.mitre.org) + *) SECURITY: CVE-2003-0993 (cve.mitre.org) Fix parsing of Allow/Deny rules using IP addresses without a netmask; issue is only known to affect big-endian 64-bit platforms; on affected platforms such rules would never produce @@ -126,7 +126,7 @@ Changes with Apache 1.3.30 *) Forensic logging module added (mod_log_forensic). [Ben Laurie] - *) SECURITY: CAN-2003-0020 (cve.mitre.org) + *) SECURITY: CVE-2003-0020 (cve.mitre.org) Escape arbitrary data before writing into the errorlog. Unescaped errorlogs are still possible using the compile time switch "-DAP_UNSAFE_ERROR_LOG_UNESCAPED". [Geoffrey Young, André Malo] @@ -376,7 +376,7 @@ Changes with Apache 1.3.28 Changes with Apache 1.3.27 - *) SECURITY: CAN-2002-0840 (cve.mitre.org) + *) SECURITY: CVE-2002-0840 (cve.mitre.org) Prevent a cross-site scripting vulnerability in the default error page. The issue could only be exploited if the directive UseCanonicalName is set to Off and a server is being run at @@ -4045,7 +4045,7 @@ Changes with Apache 1.3.2 run-time configurable using the ExtendedStatus directive. [Jim Jagielski] - *) SECURITY: CAN-1999-1199 (cve.mitre.org) + *) SECURITY: CVE-1999-1199 (cve.mitre.org) Eliminate O(n^2) space DoS attacks (and other O(n^2) cpu time attacks) in header parsing. Add ap_overlap_tables(), a function which can be used to perform bulk update operations