Hi,
I just noticed that it was missed to mention that CVE-2005-2970 has been fixed
with httpd 2.0.55 (See the following
entry from 2.0.55 Changelog:
*) worker MPM: Fix a memory leak which can occur after an aborted
connection in some limited circumstances. [Greg Ames]
)
The entry is missing in the Changelog (which cannot be changed any longer for
2.0.55,
btw: does it make sense to adjust this entry such that this hint will be
included in
2.0.56?)
as well as on http://httpd.apache.org/security/vulnerabilities_20.html
As I see that the vulnerabilities files are basicly only adjusted by one person
the question for me is:
Should I add it or not?
Regards
RĂ¼diger
