On Thu, 2007-02-15 at 22:34 -0500, Mark Thomas wrote:
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The draft
Jean-Frederic wrote:
On Thu, 2007-02-15 at 22:34 -0500, Mark Thomas wrote:
Any comments before I commit these changes to the live site?
Add a mod_jk Apache Tomcat JK
Done, with information about the recently announced issue.
Mark
Great stuff Mark!!! Thanks :)
Bill
Mark Thomas wrote:
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The
Good stuff. Minor typo in the 5-x page:
If directory listings are enabled,
a diretcory listing will be shown.
^^
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Ian Darwin wrote:
Good stuff. Minor typo in the 5-x page:
If directory listings are enabled,
a diretcory listing will be shown.
Thanks. Fixed.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
Hi,
On 2/20/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
sounds good, as long as we don't publish vulnerabilities until they are
indeed fix and the release has been voted stable
Agreed except the stable part. When the vulnerabilities have been
fixed in any release, including alpha /
Yoav Shapira wrote:
Hi,
On 2/20/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
sounds good, as long as we don't publish vulnerabilities until they are
indeed fix and the release has been voted stable
Agreed except the stable part. When the vulnerabilities have been
fixed in any
Hi,
On 2/20/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
The consequence of this is that you are advertising a security
vulnerability to the world, and you are leaving your users with either
continue running a stable version that everyone knows how to exploit or
to upgrade to a non
Hi,
On 2/20/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
yes, I can see a few folks doing this. But I believe most folks still
get the updated binaries from their distribution source.
for example, RedHat will apply the actual patch and rebuild for their
distro, others will do the same.
Hi,
On 2/20/07, Filip Hanik - Dev Lists [EMAIL PROTECTED] wrote:
and with all this crap said, I'm ok either way. Not trying to convince
anyone, I just thought that we should provide our users with the same
delay-courtesy that we would expect a reporting body to provide for us
I didn't pick
Mark Thomas wrote:
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The draft is currently on people.a.o at
Hi,
On 2/15/07, Mark Thomas [EMAIL PROTECTED] wrote:
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The draft is
Good idea.
+1
2007/2/16, Mark Thomas [EMAIL PROTECTED]:
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The draft
13 matches
Mail list logo