{"id":10,"date":"2007-09-12T05:46:34","date_gmt":"2007-09-11T22:46:34","guid":{"rendered":"http:\/\/blog.whplus.com\/2007\/09\/12\/upgrade-apache-1337-ke-1339.html"},"modified":"2007-09-12T05:48:59","modified_gmt":"2007-09-11T22:48:59","slug":"upgrade-apache-1337-ke-1339","status":"publish","type":"post","link":"https:\/\/www.whplus.com\/blog\/2007\/09\/12\/upgrade-apache-1337-ke-1339.html","title":{"rendered":"Apache Upgrade from 1.3.37 to 1.3.39"},"content":{"rendered":"

Changes with Apache 1.3.39<\/p>\n

*) SECURITY: CVE-2006-5752 (cve.mitre.org)
\nmod_status: Fix a possible XSS attack against a site with a public
\nserver-status page and ExtendedStatus enabled, for browsers which
\nperform charset “detection”. Reported by Stefan Esser. [Joe Orton]<\/p>\n

*) SECURITY: CVE-2007-3304 (cve.mitre.org)
\nEnsure that the parent process cannot be forced to kill non-child
\nprocesses by checking scoreboard PID data with parent process
\nprivately stored PID data. [Jim Jagielski]<\/p>\n

*) mime.types: Many updates to sync with IANA registry and common
\nunregistered types that the owners refuse to register. Admins
\nare encouraged to update their installed mime.types file.
\nPR: 35550, 37798, 39317, 31483 [Roy T. Fielding]<\/p>\n","protected":false},"excerpt":{"rendered":"

Changes with Apache 1.3.39 *) SECURITY: CVE-2006-5752 (cve.mitre.org) mod_status: Fix a possible XSS attack against a site with a public server-status page and ExtendedStatus enabled, for browsers which perform charset “detection”. Reported by Stefan Esser. [Joe Orton] *) SECURITY: CVE-2007-3304 (cve.mitre.org) Ensure that the parent process cannot be forced to kill non-child processes by checking\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-10","post","type-post","status-publish","format-standard","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts\/10","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/comments?post=10"}],"version-history":[{"count":0,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/posts\/10\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/media?parent=10"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/categories?post=10"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whplus.com\/blog\/wp-json\/wp\/v2\/tags?post=10"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}