On Thu, Sep 01, 2011 at 07:06:27PM +0000, Chris Rees wrote: > crees 2011-09-01 19:06:27 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > Correct range for apache22, 2.2.20 is fixed and 1.3 wasn't affected. >
According to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 1.3 _is_ affected and there will be no fix for 1.3: "Note that, while popular, Apache 1.3 is deprecated." (from announce@httpd advisory about ranges bug). -- http://ache.vniz.net/ _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"