1 |
Hello Duncan, |
2 |
|
3 |
|
4 |
On 06.04.2015 06:53, Duncan wrote: |
5 |
> Sebastian Pipping posted on Mon, 06 Apr 2015 01:29:19 +0200 as excerpted: |
6 |
> |
7 |
>> Published a slightly improved version now: |
8 |
>> |
9 |
>> https://gitweb.gentoo.org/proj/gentoo-news.git/tree/2015/2015-04-06- |
10 |
> apache-addhandler-addtype |
11 |
>> |
12 |
>> If there's anything wrong with it, please mail me directly (or put me in |
13 |
>> CC) so there is zero chance of slipping through. Thanks! |
14 |
> |
15 |
> [also mailing sping@g.o as requested] |
16 |
|
17 |
thanks! |
18 |
|
19 |
|
20 |
> $ echo "Apache AddHandler/AddType vulnerability protection" | wc -c |
21 |
> 51 |
22 |
> |
23 |
> GLEP 42 says max title length 44 chars. 51-44=7 chars too long. |
24 |
|
25 |
Actually, echo prints a newline that is also counted. So it's 50 and 6 |
26 |
characters too much but you still have a point :) |
27 |
|
28 |
|
29 |
> Off the top of my head, maybe just s/vulnerability/vuln/ ? That'd cut 9 |
30 |
> chars for 42, leaving two to spare. Anyone with a better idea? |
31 |
|
32 |
I made it say "exploit" now: |
33 |
|
34 |
# echo -n 'Apache AddHandler/AddType exploit protection' | wc -c |
35 |
44 |
36 |
|
37 |
I hope that's "correct enough" in terms of security language. |
38 |
The fix protections against exploits of the related vulnerability. |
39 |
|
40 |
|
41 |
> That's the big one. Here's a couple more minor English usage change |
42 |
> suggestions as well. (Changes denoted in caps here, obviously lowercase |
43 |
> them): |
44 |
> |
45 |
> Line 25, add also: |
46 |
> |
47 |
> may be helpful. Unfortunately, it can ALSO be a security threat. |
48 |
|
49 |
Fixed. |
50 |
|
51 |
|
52 |
> Line 74 s/at/in/: |
53 |
> |
54 |
> You may be using AddHandler or AddType IN other places, |
55 |
|
56 |
Fixed. |
57 |
|
58 |
|
59 |
https://gitweb.gentoo.org/proj/gentoo-news.git/commit/?id=a63ce98a6297bf371488c26c034dc22f6d8877b9 |
60 |
|
61 |
|
62 |
Thanks for the review. |
63 |
|
64 |
Best, |
65 |
|
66 |
|
67 |
|
68 |
Sebastian |