On Mon, Apr 23, 2012 at 7:21 AM, <[email protected]> wrote: > Author: trawick > Date: Mon Apr 23 11:21:13 2012 > New Revision: 1329187 > > URL: http://svn.apache.org/viewvc?rev=1329187&view=rev > Log: > Announcing mod_fcgid 2.3.7...
BTW Bill, any plans to create Windows binaries (2.2? 2.4?)? We would then restore+edit some text removed with this commit. > > Modified: > httpd/site/trunk/xdocs/download.xml > httpd/site/trunk/xdocs/mod_fcgid/index.en.xml > > Modified: httpd/site/trunk/xdocs/download.xml > URL: > http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/download.xml?rev=1329187&r1=1329186&r2=1329187&view=diff > ============================================================================== > --- httpd/site/trunk/xdocs/download.xml [utf-8] (original) > +++ httpd/site/trunk/xdocs/download.xml [utf-8] Mon Apr 23 11:21:13 2012 > @@ -1,4 +1,4 @@ > -<?xml version="1.0"?> > +<?xml version="1.0"?> > <document> > <properties> > <author email="[email protected]">Documentation Group</author> > @@ -254,66 +254,43 @@ fixes a few potential security vulnerabi > </section> > > <section id="mod_fcgid" date="2010-11-06"><title>Apache mod_fcgid FastCGI > module > -for Apache HTTP Server released as 2.3.6</title> > +for Apache HTTP Server released as 2.3.7</title> > > <p> > The Apache Software Foundation and the Apache HTTP Server Project are > - pleased to announce the release of version 2.3.6 of mod_fcgid, a > + pleased to announce the release of version 2.3.7 of mod_fcgid, a > FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and > future 2.4. This version of mod_fcgid is a bug fix release. > </p> > > -<p> > - A fix is included for CVE-2010-3872, a potential vulnerability which > - can affect sites with untrusted FastCGI applications. > -</p> > - > -<p> > - Additionally, default configuration settings for request body handling > - have been changed to prevent large system resource use. Administrators > - of all versions of mod_fcgid are strongly cautioned to ensure that > - FcgidMaxRequestLen is configured appropriately. > -</p> > - > <p>For information about this module subproject, see the <a > href="http://httpd.apache.org/mod_fcgid/";>mod_fcgid module project > page</a>.</p> > > <ul> > <li>Unix Source as gzip with LF line endings: > -<a > href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz">mod_fcgid-2.3.6.tar.gz</a> > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.asc";>PGP</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.md5";>MD5</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.gz.sha1";>SHA1</a>] > +<a > href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz">mod_fcgid-2.3.7.tar.gz</a> > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.asc";>PGP</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.md5";>MD5</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.gz.sha1";>SHA1</a>] > </li> > > <li>Unix Source as bz2 with LF line endings: > -<a > href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2">mod_fcgid-2.3.6.tar.bz2</a> > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.asc";>PGP</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.md5";>MD5</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6.tar.bz2.sha1";>SHA1</a>] > +<a > href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2">mod_fcgid-2.3.7.tar.bz2</a> > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.asc";>PGP</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.md5";>MD5</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7.tar.bz2.sha1";>SHA1</a>] > </li> > > <li>Win32, Netware or OS/2 Source with CR/LF line endings: > -<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip" > - >mod_fcgid-2.3.6-crlf.zip</a> > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.asc";>PGP</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.md5";>MD5</a>] > -[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.6-crlf.zip.sha1";>SHA1</a>] > -</li> > - > -<li>Win32 binary build (unzip over the installed Apache 2.2 directory): > -<a href="[preferred]/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip" > - >mod_fcgid-2.3.6-win32-x86.zip</a> > -[<a > href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.asc";>PGP</a>] > -[<a > href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.md5";>MD5</a>] > -[<a > href="http://www.apache.org/dist/httpd/binaries/win32/mod_fcgid-2.3.6-win32-x86.zip.sha1";>SHA1</a>] > +<a href="[preferred]/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip" > + >mod_fcgid-2.3.7-crlf.zip</a> > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.asc";>PGP</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.md5";>MD5</a>] > +[<a > href="http://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.7-crlf.zip.sha1";>SHA1</a>] > </li> > > </ul> > > -<p>A patch is available <a > href="[preferred]/httpd/mod_fcgid/patches/apply_to_2.3.6/">here</a> > -for a regression in this release. The patch has not been applied to the > Windows binaries.</p> > - > </section> > > <section id="mod_ftp" date="2008-10-08"><title>Apache FTP module for Apache > @@ -396,8 +373,7 @@ using</p> > <li>httpd-2.0.64.tar.* are signed by William A Rowe Jr > <code>B55D9977(7F7214A7)</code></li> > <li>httpd-2.2.22-win32-src.zip, .msi, and -netware/-sdk files signed by > William A Rowe Jr <code>B55D9977(60C5442D)</code></li> > <li>httpd-2.0.64-win32-src.zip and .msi signed by William A Rowe Jr > <code>B55D9977(7F7214A7)</code></li> > -<li>mod_fcgid-2.3.6.tar.* and mod_fcgid-2.3.6-crlf.zip are signed by Jeff > Trawick <code>39FF092C</code></li> > -<li>mod_fcgid-2.3.6-win32-x86.zip is signed by William A Rowe Jr > <code>B55D9977(7F7214A7)</code></li> > +<li>mod_fcgid-2.3.7.tar.* and mod_fcgid-2.3.7-crlf.zip are signed by Jeff > Trawick <code>39FF092C</code></li> > <li>mod_ftp-0.9.6-beta* are signed by William A Rowe Jr > <code>B55D9977(7F7214A7)</code></li> > </ul> > > > Modified: httpd/site/trunk/xdocs/mod_fcgid/index.en.xml > URL: > http://svn.apache.org/viewvc/httpd/site/trunk/xdocs/mod_fcgid/index.en.xml?rev=1329187&r1=1329186&r2=1329187&view=diff > ============================================================================== > --- httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] (original) > +++ httpd/site/trunk/xdocs/mod_fcgid/index.en.xml [utf-8] Mon Apr 23 11:21:13 > 2012 > @@ -18,30 +18,18 @@ > </p> > </section> > > -<section date="2010-11-06"> > - <title>mod_fcgid 2.3.6 released</title> > +<section date="2012-04-23"> > + <title>mod_fcgid 2.3.7 released</title> > > <p> > The Apache Software Foundation and the Apache HTTP Server Project are > - pleased to announce the release of version 2.3.6 of mod_fcgid, a > + pleased to announce the release of version 2.3.7 of mod_fcgid, a > FastCGI implementation for Apache HTTP Server versions 2.0, 2.2, and > - future 2.4. This version of mod_fcgid is a bug fix release. > -</p> > - > -<p> > - A fix is included for CVE-2010-3872, a potential vulnerability which > - can affect sites with untrusted FastCGI applications. > -</p> > - > -<p> > - Additionally, default configuration settings for request body handling > - have been changed to prevent large system resource use. Administrators > - of all versions of mod_fcgid are strongly cautioned to ensure that > - FcgidMaxRequestLen is configured appropriately. > + 2.4. This version of mod_fcgid is a bug fix release. > </p> > > <p> > - You can get the source and Windows binaries from > + You can get the source from > <a href="http://httpd.apache.org/download.cgi#mod_fcgid"; > >your local mirror</a> > </p> > > -- Born in Roswell... married an alien... http://emptyhammock.com/
