diff options
author | nectar <nectar@FreeBSD.org> | 2004-08-23 05:44:40 +0800 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2004-08-23 05:44:40 +0800 |
commit | 1420b2490a4699f738f2dfb5173243d8047a7e7d (patch) | |
tree | c81ede09fba8d24e98f693d18ad7e63906bc7c01 | |
parent | 9f366027119909e08dfd40ed43dda098f52b5d97 (diff) | |
download | freebsd-ports-gnome-1420b2490a4699f738f2dfb5173243d8047a7e7d.tar.gz freebsd-ports-gnome-1420b2490a4699f738f2dfb5173243d8047a7e7d.tar.zst freebsd-ports-gnome-1420b2490a4699f738f2dfb5173243d8047a7e7d.zip |
Cancel a VuXML entry for an Apache vulnerability that does not affect
FreeBSD.
Reminded by: recent conversations :-)
-rw-r--r-- | security/vuxml/vuln.xml | 43 |
1 files changed, 1 insertions, 42 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 28d2dd656ba2..bb5d5171a7eb 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -2279,48 +2279,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. </vuln> <vuln vid="3362f2c1-8344-11d8-a41f-0020ed76ef5a"> - <topic>apache 2 denial-of-service attack (does not affect FreeBSD)</topic> - <affects> - <package> - <name>apache</name> - <range><lt>0</lt></range> - </package> - </affects> - <description> - <body xmlns="http://www.w3.org/1999/xhtml"> - <p><em>NOTE WELL:</em> This issue does not affect any FreeBSD - platform. It is recorded only for reference.</p> - <p>A denial-of-service issue was reported by Jeff Trawick. From - the CVS commit log for the fix:</p> - <blockquote cite=""> - <p>Fix starvation issue on listening sockets where a - short-lived connection on a rarely-accessed listening - socket will cause a child to hold the accept mutex and - block out new connections until another connection arrives - on that rarely-accessed listening socket. With Apache - 2.x there is no performance concern about enabling the - logic for platforms which don't need it, so it is enabled - everywhere except for Win32.</p> - </blockquote> - <p>It was determined that this issue does not affect - FreeBSD systems. From the Apache security advisory:</p> - <blockquote cite="http://www.apacheweek.com/features/security-20"> - <p>This issue is known to affect some versions of AIX, - Solaris, and Tru64; it is known to not affect FreeBSD or - Linux.</p> - </blockquote> - </body> - </description> - <references> - <cvename>CAN-2004-0174</cvename> - <url>http://marc.theaimsgroup.com/?l=bugtraq&m=107973894328806</url> - <url>http://marc.theaimsgroup.com/?l=apache-cvs&m=107969495524201</url> - <url>http://www.apacheweek.com/features/security-20</url> - </references> - <dates> - <discovery>2004-03-19</discovery> - <entry>2004-03-31</entry> - </dates> + <cancelled /> </vuln> <vuln vid="5e7f58c3-b3f8-4258-aeb8-795e5e940ff8"> |