On 7/14/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Author: sctemme
Date: Sat Jul 14 10:03:18 2007
New Revision: 556298
URL: http://svn.apache.org/viewvc?view=rev&rev=556298
Log:
Backport of 2.0.x PID table problem fix
+ *) SECURITY: CVE-2007-3304 (cve.mitre.org)
+ scoreboard pid protection fixes -- the only fix for 2.0.x is
+ to ensure a valid positive pid is passed to apr_proc_wait();
+ the MPMs do not kill children directly as in 2.2.x.
assert(
CVE-2007-3304 does not apply to 2.0.x. This commit is a fix in the
same general area as the 2.2.x vulnerability and should not have the
SECURITY/CVE label.
)
