Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 31 Aug 2008 23:00:27 +0000 (UTC)
From:      Clement Laforet <clement@FreeBSD.org>
To:        ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: ports/www/apache22 Makefile pkg-plist ports/www/apache22/files apache22.sh.in patch-CVE-2008-2939
Message-ID:  <200808312300.m7VN0RJV025926@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
clement     2008-08-31 23:00:27 UTC

  FreeBSD ports repository

  Modified files:
    www/apache22         Makefile pkg-plist 
    www/apache22/files   apache22.sh.in 
  Added files:
    www/apache22/files   patch-CVE-2008-2939 
  Log:
  - Yet Another Plist Fix [1]
  - Completely shut up rc.d script when no profiles are enabled
    (add add support to disable profiles) [2]
  - Fix CVE-2008-2939 for mod_proxy_ftp
    (XSS attacks when using wildcards in the path of the FTP URL)
  - Add "apache22_fib" to start apache22 prefixed by
    "setfib -F ${apache22_fib}", so apache can use an alternate
    network view (not carefully tested yet)
  - Revert previous patch to "fix" missing rc.d scripts. It
    actually breaks profiles.
  - Bump PORTREVISION
  
  PR:             ports/126670 [1],
                  ports/116627 [2]
  Submitted by:   Joseph S. Atkinson [1],
                  Eygene Ryabinkin [2]
  Security:       CVE-2008-2939
  
  Special thanks to: pgollucci@
  
  Revision  Changes    Path
  1.222     +5 -3      ports/www/apache22/Makefile
  1.6       +43 -2     ports/www/apache22/files/apache22.sh.in
  1.1       +11 -0     ports/www/apache22/files/patch-CVE-2008-2939 (new)
  1.89      +3 -2      ports/www/apache22/pkg-plist



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808312300.m7VN0RJV025926>