Date: Mon, 18 Jul 2016 20:15:17 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r418744 - head/security/vuxml Message-ID: <201607182015.u6IKFHnh008744@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Mon Jul 18 20:15:17 2016 New Revision: 418744 URL: https://svnweb.freebsd.org/changeset/ports/418744 Log: www/apache24: Fix httpoxy vulnerability (+2.2) - Mark new Apache revisions not vulnerable - Add apache22-mpm-* ports - Add Apache CVE-number Security: cf0b5668-4d1b-11e6-b2ec-b499baebfeaf Security: CVE-2016-5387 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Jul 18 20:14:19 2016 (r418743) +++ head/security/vuxml/vuln.xml Mon Jul 18 20:15:17 2016 (r418744) @@ -63,11 +63,15 @@ Notes: <affects> <package> <name>apache22</name> - <range><ge>0</ge></range> + <name>apache22-event-mpm</name> + <name>apache22-itk-mpm</name> + <name>apache22-peruser-mpm</name> + <name>apache22-worker-mpm</name> + <range><lt>2.2.31_1</lt></range> </package> <package> <name>apache24</name> - <range><ge>0</ge></range> + <range><lt>2.4.23_1</lt></range> </package> <package> <name>tomcat6</name> @@ -142,12 +146,14 @@ Notes: <url>https://www.kb.cert.org/vuls/id/797896</url>; <url>CVE-2016-5385</url> <url>CVE-2016-5386</url> + <url>CVE-2016-5387</url> <url>CVE-2016-5388</url> <url>CVE-2016-1000110</url> </references> <dates> <discovery>2016-07-18</discovery> <entry>2016-07-18</entry> + <modified>2016-07-18</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201607182015.u6IKFHnh008744>