Author: mjc
Date: Tue Jun 8 11:42:36 2021
New Revision: 1890598
URL: http://svn.apache.org/viewvc?rev=1890598&view=rev
Log:
Fix the release date and version
Modified:
httpd/site/trunk/content/security/json/CVE-2019-17567.json
httpd/site/trunk/content/security/json/CVE-2020-13938.json
httpd/site/trunk/content/security/json/CVE-2020-13950.json
httpd/site/trunk/content/security/json/CVE-2020-35452.json
httpd/site/trunk/content/security/json/CVE-2021-26690.json
httpd/site/trunk/content/security/json/CVE-2021-26691.json
httpd/site/trunk/content/security/json/CVE-2021-30641.json
httpd/site/trunk/content/security/json/CVE-2021-31618.json
Modified: httpd/site/trunk/content/security/json/CVE-2019-17567.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2019-17567.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2019-17567.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2019-17567.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2019-17567",
"TITLE": "mod_proxy_wstunnel tunneling of non Upgraded connections"
},
@@ -210,4 +210,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2020-13938.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-13938.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-13938.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-13938.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-13938",
"TITLE": "Improper Handling of Insufficient Privileges"
},
Modified: httpd/site/trunk/content/security/json/CVE-2020-13950.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-13950.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-13950.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-13950.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-13950",
"TITLE": "mod_proxy_http NULL pointer dereference"
},
@@ -105,4 +105,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2020-35452.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-35452.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-35452.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-35452.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-35452",
"TITLE": "mod_auth_digest possible stack overflow by one nul byte"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-26690.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-26690.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-26690.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-26690.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-26690",
"TITLE": "mod_session NULL pointer dereference"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-26691.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-26691.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-26691.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-26691.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-26691",
"TITLE": "mod_session response handling heap overflow"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-30641.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-30641.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-30641.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-30641.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-30641",
"TITLE": "Unexpected URL matching with 'MergeSlashes OFF'"
},
@@ -110,4 +110,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-31618.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-31618.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-31618.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-31618.json Tue Jun 8 11:42:36 2021
@@ -8,7 +8,7 @@
"CVE_data_meta": {
"ID": "CVE-2021-31618",
"ASSIGNER": "security@apache.org",
- "DATE_PUBLIC": "",
+ "DATE_PUBLIC": "2021-06-01",
"TITLE": "NULL pointer dereference on specially crafted HTTP/2 request",
"AKA": "",
"STATE": "DRAFT"
@@ -32,7 +32,7 @@
{
"version_name": "",
"version_affected": "<=",
- "version_value": "2.4.47",
+ "version_value": "2.4.48",
"platform": ""
}
]
@@ -59,7 +59,7 @@
"description": {
"description_data": [.
{
- "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis affected versions prior to 2.4.47",
+ "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis affected versions prior to 2.4.48",
"lang": "eng"
}
]
@@ -114,12 +114,12 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "2.4.48 released"
}
Date: Tue Jun 8 11:42:36 2021
New Revision: 1890598
URL: http://svn.apache.org/viewvc?rev=1890598&view=rev
Log:
Fix the release date and version
Modified:
httpd/site/trunk/content/security/json/CVE-2019-17567.json
httpd/site/trunk/content/security/json/CVE-2020-13938.json
httpd/site/trunk/content/security/json/CVE-2020-13950.json
httpd/site/trunk/content/security/json/CVE-2020-35452.json
httpd/site/trunk/content/security/json/CVE-2021-26690.json
httpd/site/trunk/content/security/json/CVE-2021-26691.json
httpd/site/trunk/content/security/json/CVE-2021-30641.json
httpd/site/trunk/content/security/json/CVE-2021-31618.json
Modified: httpd/site/trunk/content/security/json/CVE-2019-17567.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2019-17567.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2019-17567.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2019-17567.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2019-17567",
"TITLE": "mod_proxy_wstunnel tunneling of non Upgraded connections"
},
@@ -210,4 +210,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2020-13938.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-13938.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-13938.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-13938.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-13938",
"TITLE": "Improper Handling of Insufficient Privileges"
},
Modified: httpd/site/trunk/content/security/json/CVE-2020-13950.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-13950.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-13950.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-13950.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-13950",
"TITLE": "mod_proxy_http NULL pointer dereference"
},
@@ -105,4 +105,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2020-35452.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2020-35452.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2020-35452.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2020-35452.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2020-35452",
"TITLE": "mod_auth_digest possible stack overflow by one nul byte"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-26690.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-26690.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-26690.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-26690.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-26690",
"TITLE": "mod_session NULL pointer dereference"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-26691.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-26691.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-26691.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-26691.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-26691",
"TITLE": "mod_session response handling heap overflow"
},
@@ -235,4 +235,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-30641.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-30641.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-30641.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-30641.json Tue Jun 8 11:42:36 2021
@@ -13,14 +13,14 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
- "value": "2.4.47 released"
+ "value": "2.4.48 released"
}
],
"CNA_private": {
@@ -30,7 +30,7 @@
"ASSIGNER": "security@apache.org",
"AKA": "",
"STATE": "PUBLIC",
- "DATE_PUBLIC": "--",
+ "DATE_PUBLIC": "2021-06-01",
"ID": "CVE-2021-30641",
"TITLE": "Unexpected URL matching with 'MergeSlashes OFF'"
},
@@ -110,4 +110,4 @@
]
}
}
-}
\ No newline at end of file
+}
Modified: httpd/site/trunk/content/security/json/CVE-2021-31618.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2021-31618.json?rev=1890598&r1=1890597&r2=1890598&view=diff
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2021-31618.json (original)
+++ httpd/site/trunk/content/security/json/CVE-2021-31618.json Tue Jun 8 11:42:36 2021
@@ -8,7 +8,7 @@
"CVE_data_meta": {
"ID": "CVE-2021-31618",
"ASSIGNER": "security@apache.org",
- "DATE_PUBLIC": "",
+ "DATE_PUBLIC": "2021-06-01",
"TITLE": "NULL pointer dereference on specially crafted HTTP/2 request",
"AKA": "",
"STATE": "DRAFT"
@@ -32,7 +32,7 @@
{
"version_name": "",
"version_affected": "<=",
- "version_value": "2.4.47",
+ "version_value": "2.4.48",
"platform": ""
}
]
@@ -59,7 +59,7 @@
"description": {
"description_data": [.
{
- "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis affected versions prior to 2.4.47",
+ "value": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis affected versions prior to 2.4.48",
"lang": "eng"
}
]
@@ -114,12 +114,12 @@
"value": "reported"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "public"
},
{
- "time": "--",
+ "time": "2021-06-01",
"lang": "eng",
"value": "2.4.48 released"
}