The mirror system is no longer used. Most downloads are processed through a
CDN instead. European downloaders will tend to hit downloads.apache.org
which is "instantly" updated once a release artifact is committed to the
svn distribution repository.
rsync.apache should be just as instant. If not,
Why would the release system initiate an announce when the mirrors are not
up to date, they cant be, since rsync.apache still lists 2.4.51 as latest,
the process is to allow time for mirrors to get the package before
announcing it
On Mon, Dec 20, 2021 at 7:53 PM Stefan Eissing wrote:
> The
Am 20.12.2021 um 10:53 schrieb Stefan Eissing:
> The mailings to announce lists continue to bother me. The release
announcement is the the moderation queue (hopefully) and the cveprocess
mails go right through to the list. This is not the order I prefer.
>
> I am holden back the send about the
Aaah, sorry, it did come in now,, son't know whether via dev@ or
announce@. Thanks.
Am 20.12.2021 um 10:53 schrieb Stefan Eissing:
The mailings to announce lists continue to bother me. The release announcement
is the the moderation queue (hopefully) and the cveprocess mails go right
through
Hmmm, still no announcement mail received, or did I miss it?
Am 20.12.2021 um 10:53 schrieb Stefan Eissing:
The mailings to announce lists continue to bother me. The release announcement
is the the moderation queue (hopefully) and the cveprocess mails go right
through to the list. This is not
Severity: high
Description:
A carefully crafted request body can cause a buffer overflow in the mod_lua
multipart parser (r:parsebody() called from Lua scripts).
The Apache httpd team is not aware of an exploit for the vulnerabilty though it
might be possible to craft one.
This issue affects
The mailings to announce lists continue to bother me. The release announcement
is the the moderation queue (hopefully) and the cveprocess mails go right
through to the list. This is not the order I prefer.
I am holden back the send about the second CVE until I see the release
announcement
Severity: moderate
Description:
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on)
can cause a crash (NULL pointer dereference) or, for configurations mixing
forward and reverse proxy declarations, can allow for requests to be directed
to a declared Unix Domain
With 7 +1 votes and no objections, the vote has PASSED.
Thank you all who took the time to test this! I will start the release work.
Kind Regards,
Stefan
> Am 19.12.2021 um 17:56 schrieb Steffen :
>
> +1 for Windows release.
>
> Cheers, Steffen
>
>> Op 16 dec. 2021 om 15:03 heeft Stefan
> Am 19.12.2021 um 10:36 schrieb Christophe JAILLET
> :
>
> Hi,
>
> I've been able to build mod_tls
>
> Basically, I've done:
>
> sudo apt install cargo
> sudo apt install cbindgen
>
> git clone https://github.com/rustls/rustls-ffi.git git_rustls-ffi
> sudo make install
>
> I have:
>
10 matches
Mail list logo