From owner-cvs-ports@FreeBSD.ORG  Thu Jul 27 20:26:37 2006
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
X-Original-To: cvs-ports@FreeBSD.org
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6DE1C16A4DD;
	Thu, 27 Jul 2006 20:26:37 +0000 (UTC)
	(envelope-from clement@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0B69043D66;
	Thu, 27 Jul 2006 20:26:29 +0000 (GMT)
	(envelope-from clement@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k6RKQTcp017564;
	Thu, 27 Jul 2006 20:26:29 GMT
	(envelope-from clement@repoman.freebsd.org)
Received: (from clement@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k6RKQTYK017563;
	Thu, 27 Jul 2006 20:26:29 GMT (envelope-from clement)
Message-Id: <200607272026.k6RKQTYK017563@repoman.freebsd.org>
From: Clement Laforet <clement@FreeBSD.org>
Date: Thu, 27 Jul 2006 20:26:29 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/www/apache13-modperl Makefile
 ports/www/apache13-modperl/files
 patch-secfix-CVE-2006-3747 ports/www/apache13-ssl Makefile
 ports/www/apache13-ssl/files patch-secfix-CVE-2006-3747 ports/www/apache20
 Makefile ports/www/apache20/files patch-secfix-CVE-2006-3747 ...
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jul 2006 20:26:37 -0000

clement     2006-07-27 20:26:29 UTC

  FreeBSD ports repository

  Modified files:
    www/apache13-modperl Makefile 
    www/apache13-ssl     Makefile 
    www/apache20         Makefile 
    www/apache21         Makefile 
    www/apache22         Makefile 
  Added files:
    www/apache13-modperl/files patch-secfix-CVE-2006-3747 
    www/apache13-ssl/files patch-secfix-CVE-2006-3747 
    www/apache20/files   patch-secfix-CVE-2006-3747 
    www/apache21/files   patch-secfix-CVE-2006-3747 
    www/apache22/files   patch-secfix-CVE-2006-3747 
  Log:
  - Fix security issue in mod_rewrite.
  All people using mod_rewrite are strongly encouraged to update.
  
  An off-by-one flaw exists in the Rewrite module, mod_rewrite.
  Depending on the manner in which Apache httpd was compiled, this
  software defect may result in a vulnerability which, in combination
  with certain types of Rewrite rules in the web server configuration
  files, could be triggered remotely.  For vulnerable builds, the nature
  of the vulnerability can be denial of service (crashing of web server
  processes) or potentially allow arbitrary code execution.
  This issue has been rated as having important security impact
  by the Apache HTTP Server Security Team
  
  Updates to latest versions will follow soon.
  
  Notified by:    so@ (simon)
  Obtained from:  Apache Security Team
  Security:       CVE-2006-3747
  
  Revision  Changes    Path
  1.15      +1 -0      ports/www/apache13-modperl/Makefile
  1.1       +13 -0     ports/www/apache13-modperl/files/patch-secfix-CVE-2006-3747 (new)
  1.119     +1 -1      ports/www/apache13-ssl/Makefile
  1.1       +13 -0     ports/www/apache13-ssl/files/patch-secfix-CVE-2006-3747 (new)
  1.241     +1 -1      ports/www/apache20/Makefile
  1.1       +13 -0     ports/www/apache20/files/patch-secfix-CVE-2006-3747 (new)
  1.186     +1 -1      ports/www/apache21/Makefile
  1.1       +13 -0     ports/www/apache21/files/patch-secfix-CVE-2006-3747 (new)
  1.195     +1 -0      ports/www/apache22/Makefile
  1.1       +13 -0     ports/www/apache22/files/patch-secfix-CVE-2006-3747 (new)