Next update on CVE-2011-3192

I am keeping a draft at http://people.apache.org/~dirkx/CVE-2011-3192.txt Changes since last are: - version ranges more specific - vendor information added - backgrounder on relation to 2007 issues (see below to ensure I got this right). I suggest we sent this out lat

Re: Next update on CVE-2011-3192

I have a feeling that we could push this out today… I'm going to fold Stefan's path into trunk, and we should use trunk (CTR) to polish up the patch as well as add whatever other features we need. From there, backporting to 2.2/2.0 will be trivial. On Aug 25, 2011, at 4:18 AM, Dirk-Willem van Gul

RE: Next update on CVE-2011-3192

+1 Regards Rüdiger > -Original Message- > From: Jim Jagielski [mailto:j...@jagunet.com] > Sent: Donnerstag, 25. August 2011 14:13 > To: dev@httpd.apache.org > Subject: Re: Next update on CVE-2011-3192 > > I have a feeling that we could push this out today... &