Great stuff Mark!!! Thanks :)
Bill
Mark Thomas wrote:
All,
I have started to put together some additional security pages based on
httpd. I have only added text for a couple vulnerabilities but the
plan is to include all those in the CVE list plus any I can find in
the archives.
The
Author: jfclere
Date: Mon Feb 26 00:16:18 2007
New Revision: 511749
URL: http://svn.apache.org/viewvc?view=revrev=511749
Log:
jk_init has to be a void in Apache httpd-1.3.x
Modified:
tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
Modified:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=37072.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
Author: jfclere
Date: Mon Feb 26 00:37:49 2007
New Revision: 511751
URL: http://svn.apache.org/viewvc?view=revrev=511751
Log:
Return HTTP_INTERNAL_SERVER_ERROR instead !OK (even !OK shoudn't be DECLINED).
Modified:
tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
Modified:
On Sun, 2007-02-25 at 17:34 +0100, Rainer Jung wrote:
Two more questions:
[EMAIL PROTECTED] schrieb:
Modified: tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
URL:
On Mon, 2007-02-26 at 16:07 +1300, Tim Whittington wrote:
Never mind the second issue - one should read the docs more carefully.
Apologies for the noise.
The missing sizeof makes me nervous still.
sizeof(char) is one and there is a sprintf()...
Cheers
Jean-Frederic
Author: jfclere
Date: Mon Feb 26 00:54:32 2007
New Revision: 511755
URL: http://svn.apache.org/viewvc?view=revrev=511755
Log:
Add a entry about jk_is_valid_property().
Modified:
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
Modified:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41675.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41695.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41703.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41695.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41697.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
I have already opened it in bugzlilla as Bug 41563.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41563
Thanks,
Taka J.S.
Rainer Jung[EMAIL PROTECTED] wrote:
Please open an item in bugzilla (issues.apache.org).
Thanks,
Rainer
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41695.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
Author: rjung
Date: Mon Feb 26 07:16:38 2007
New Revision: 511845
URL: http://svn.apache.org/viewvc?view=revrev=511845
Log:
Adjust debug message in jk_uri_worker_map.c to make it better distinguishable
from new message regarding JkStripSession (the old message was misleading).
Make the new
Author: rjung
Date: Mon Feb 26 07:51:39 2007
New Revision: 511864
URL: http://svn.apache.org/viewvc?view=revrev=511864
Log:
Fix xml syntax of jfclere's last change log entry.
Modified:
tomcat/connectors/trunk/jk/xdocs/miscellaneous/changelog.xml
Modified:
Author: mturk
Date: Mon Feb 26 08:47:21 2007
New Revision: 511887
URL: http://svn.apache.org/viewvc?view=revrev=511887
Log:
Fix compile time warning. No functional change
Modified:
tomcat/connectors/trunk/jk/native/common/jk_map.c
Modified: tomcat/connectors/trunk/jk/native/common/jk_map.c
Hi the list,
In the class org.apache.naming.factory.EjbFactory
The exception line 136 is not forwarded to the parent class.
We have :
if (factoryClass != null) {
try {
factory = (ObjectFactory) factoryClass.newInstance();
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41706.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
Good stuff. Minor typo in the 5-x page:
If directory listings are enabled,
a diretcory listing will be shown.
^^
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi all,
the next version of mod_jk is approaching its release. A code snapshot
is available at
http://people.apache.org/~rjung/mod_jk-dev/
It is in the same format as a release download, so easy to build. Under
the same URL you can find the updated documentation.
It would be nice, if we
... and now you can find windows binaries there too (thanks Mladen) ...
http://people.apache.org/~rjung/mod_jk-dev/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Author: mturk
Date: Mon Feb 26 11:09:41 2007
New Revision: 511951
URL: http://svn.apache.org/viewvc?view=revrev=511951
Log:
Use r-filename because mod_dir or mod_alias could already set that
Modified:
tomcat/connectors/trunk/jk/native/apache-2.0/mod_jk.c
Modified:
Author: mturk
Date: Mon Feb 26 11:11:22 2007
New Revision: 511952
URL: http://svn.apache.org/viewvc?view=revrev=511952
Log:
Use r-filename because mod_dir or mod_alias could already set that
Modified:
tomcat/connectors/trunk/jk/native/apache-1.3/mod_jk.c
Modified:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41706.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
On Feb 23, 2007, at 1:10 PM, Jean-Frederic wrote:
I also have the pending patch... To prevent typos in the
properties no
beeing detected what starting httpd.
Should I include it?
Sorry for the delay... unless it's too late, why
the change from HTTP_INTERNAL_SERVER_ERROR to !OK?
Packaged and available in a few hours for sync and emerge on Gentoo.
Np with compiling or etc.
--
William L. Thomson Jr.
Gentoo/Java
signature.asc
Description: This is a digitally signed message part
Will, this doesn't belong on Gentoo - it's a dev/quality check, no different
than any other snapshot. (If you ship snaps on Gentoo, be our guest.)
William L. Thomson Jr. wrote:
Packaged and available in a few hours for sync and emerge on Gentoo.
Np with compiling or etc.
On Mon, 2007-02-26 at 13:37 -0600, William A. Rowe, Jr. wrote:
Will, this doesn't belong on Gentoo - it's a dev/quality check, no different
than any other snapshot.
Sure but it's sources of a future release, so I will make them available
for anyone to test. Just as I would with alpha, beta,
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41706.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
William L. Thomson Jr. wrote:
These types of bumps are minor, and I like to test myself in my own
envs. So can't hurt to make it available for others to test etc.
+1 on testing that the packages all build in advance of any release,
just please don't represent these as releases. Until you see
On Mon, 2007-02-26 at 13:56 -0600, William A. Rowe, Jr. wrote:
William L. Thomson Jr. wrote:
These types of bumps are minor, and I like to test myself in my own
envs. So can't hurt to make it available for others to test etc.
+1 on testing that the packages all build in advance of any
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41706.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
On Feb 26, 2007, at 11:11 AM, Rainer Jung wrote:
Hi all,
the next version of mod_jk is approaching its release. A code
snapshot is available at
http://people.apache.org/~rjung/mod_jk-dev/
It is in the same format as a release download, so easy to build.
Under the same URL you can find
Due to a bug one user found (thanks) in the new JkStripSession feature
(only in the Apache httpd implementation of it), there is now a new
tarball available at the old address.
http://people.apache.org/~rjung/mod_jk-dev/
Happy testing!
Regards,
Rainer
Author: markt
Date: Mon Feb 26 16:14:01 2007
New Revision: 512088
URL: http://svn.apache.org/viewvc?view=revrev=512088
Log:
Fix typo.
Modified:
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/xdocs/security-5.xml
Modified: tomcat/site/trunk/docs/security-5.html
URL:
Ian Darwin wrote:
Good stuff. Minor typo in the 5-x page:
If directory listings are enabled,
a diretcory listing will be shown.
Thanks. Fixed.
Mark
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=41709.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
38 matches
Mail list logo