From owner-cvs-all@FreeBSD.ORG  Tue Jul 26 10:10:35 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BC61B16A41F;
	Tue, 26 Jul 2005 10:10:35 +0000 (GMT)
	(envelope-from clement@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8326743D45;
	Tue, 26 Jul 2005 10:10:35 +0000 (GMT)
	(envelope-from clement@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j6QAAZgT015989;
	Tue, 26 Jul 2005 10:10:35 GMT
	(envelope-from clement@repoman.freebsd.org)
Received: (from clement@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j6QAAZGs015988;
	Tue, 26 Jul 2005 10:10:35 GMT (envelope-from clement)
Message-Id: <200507261010.j6QAAZGs015988@repoman.freebsd.org>
From: Clement Laforet <clement@FreeBSD.org>
Date: Tue, 26 Jul 2005 10:10:35 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/www/apache2 Makefile ports/www/apache2/files
 patch-secfix-CAN-2005-1268 patch-secfix-CAN-2005-2088
 patch-secfix-ssl_engine_kernel.c
 ports/www/apache20 Makefile ports/www/apache20/files
 patch-secfix-CAN-2005-1268 patch-secfix-CAN-2005-2088
 patch-secfix-ssl_engine_kernel.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2005 10:10:35 -0000

clement     2005-07-26 10:10:35 UTC

  FreeBSD ports repository

  Modified files:
    www/apache2          Makefile 
    www/apache20         Makefile 
  Added files:
    www/apache2/files    patch-secfix-CAN-2005-1268 
                         patch-secfix-CAN-2005-2088 
    www/apache20/files   patch-secfix-CAN-2005-1268 
                         patch-secfix-CAN-2005-2088 
  Removed files:
    www/apache2/files    patch-secfix-ssl_engine_kernel.c 
    www/apache20/files   patch-secfix-ssl_engine_kernel.c 
  Log:
  - Add fix for CAN-2005-2088
  From Changelog:
    *) SECURITY: CAN-2005-2088
       core: If a request contains both Transfer-Encoding and Content-Length
       headers, remove the Content-Length, mitigating some HTTP Request
       Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]
  
  - Rename previous patch to CVE ID
  - bump PORTREVISION
  
  Security:       CAN-2005-2088
  Obtained From: Apache repository
  
  Revision  Changes    Path
  1.223     +1 -1      ports/www/apache2/Makefile
  1.1       +11 -0     ports/www/apache2/files/patch-secfix-CAN-2005-1268 (new)
  1.1       +20 -0     ports/www/apache2/files/patch-secfix-CAN-2005-2088 (new)
  1.2       +0 -11     ports/www/apache2/files/patch-secfix-ssl_engine_kernel.c (dead)
  1.221     +1 -1      ports/www/apache20/Makefile
  1.1       +11 -0     ports/www/apache20/files/patch-secfix-CAN-2005-1268 (new)
  1.1       +20 -0     ports/www/apache20/files/patch-secfix-CAN-2005-2088 (new)
  1.2       +0 -11     ports/www/apache20/files/patch-secfix-ssl_engine_kernel.c (dead)