On Tue, Mar 09, 2010 at 02:43:08PM -0600, William Rowe wrote: > On 3/9/2010 11:15 AM, Jeff Trawick wrote: > > On Tue, Mar 9, 2010 at 11:52 AM, <[email protected]> wrote: > >> Author: wrowe > >> Date: Tue Mar 9 11:52:32 2010 > >> New Revision: 113 > >> > >> Log: > >> For 2.0 patch available, note different line numbers > > > > I will continue working on the related vulnerabilities-httpd.xml > > update unless you've already started ;) > > Be my guest, I was just moving the single entry and see you had jumped > into the 2.0 security report xml. I was just going back over source code > to verify the age of the flaw.
Has anybody looked into whether CVE-2010-0434 affects 2.0.x too, on the subject of security and 2.0.x? The r->headers_in table issue looks the same but I didn't manage to get a test case working for 2.2.x to be able to reproduce it. Regards, Joe
