Date: Sat, 11 Dec 2004 17:50:16 +0100 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: apache@FreeBSD.org Subject: Security update for www/mod_access_referer Message-ID: <20041211165015.GI759@zaphod.nitro.dk>
next in thread | raw e-mail | index | archive | help
--nO3oAMapP4dBpMZi Content-Type: multipart/mixed; boundary="82evfD9Ogz2JrdWZ" Content-Disposition: inline --82evfD9Ogz2JrdWZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello mod_access_referer maintainer As recently documented in the FreeBSD VuXML document [1] there is a security vulnerability in mod_access_referer. Niels Heinen <niels.heinen@ubizen.com> has created the attached update for the port to fix the problem. Could somebody either commit this or approve it so I can commit it? Thanks in advance. [1] http://vuxml.FreeBSD.org/af747389-42ba-11d9-bd37-00065be4b5b6.html --=20 Simon L. Nielsen FreeBSD Security Team --82evfD9Ogz2JrdWZ Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="port-mod_access_referer-security-upd.patch" Content-Transfer-Encoding: quoted-printable Index: Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/ports/www/mod_access_referer/Makefile,v retrieving revision 1.12 diff -u -d -r1.12 Makefile --- Makefile 18 Aug 2004 16:21:44 -0000 1.12 +++ Makefile 11 Dec 2004 16:49:36 -0000 @@ -7,6 +7,7 @@ =20 PORTNAME=3D mod_access_referer PORTVERSION=3D 1.0.2 +PORTREVISION=3D 1 CATEGORIES=3D www MASTER_SITES=3D ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR=3D accessreferer @@ -14,6 +15,11 @@ MAINTAINER=3D apache@FreeBSD.org COMMENT=3D Provides access control based on Referer HTTP header for Apache =20 +PATCH_SITES=3D ${MASTER_SITE_SOURCEFORGE} +PATCH_SITE_SUBDIR=3D accessreferer +PATCHFILES=3D mod_access_referer_1.0.2_third_part_patch.txt +PATCH_DIST_STRIP=3D -l + WANT_APACHE=3D 13 AP_FAST_BUILD=3D YES AP_GENPLIST=3D YES Index: distinfo =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/ports/www/mod_access_referer/distinfo,v retrieving revision 1.3 diff -u -d -r1.3 distinfo --- distinfo 29 Jan 2004 16:12:19 -0000 1.3 +++ distinfo 11 Dec 2004 16:15:34 -0000 @@ -1,2 +1,4 @@ MD5 (mod_access_referer-1.0.2.tar.gz) =3D f1726cfe5965eda1bdca90b8db475377 SIZE (mod_access_referer-1.0.2.tar.gz) =3D 9745 +MD5 (mod_access_referer_1.0.2_third_part_patch.txt) =3D 4a1e4c0c9f39bf522f= 36b60178256072 +SIZE (mod_access_referer_1.0.2_third_part_patch.txt) =3D 1122 --82evfD9Ogz2JrdWZ-- --nO3oAMapP4dBpMZi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBuyVHh9pcDSc1mlERAnFUAJ9isxQ3JtexZ+jHsk1hQ4Rw+A98AACcCOkA 4MWYnpJXM8FEHfTDaIsXbbo= =oC0o -----END PGP SIGNATURE----- --nO3oAMapP4dBpMZi--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041211165015.GI759>