From owner-freebsd-apache@FreeBSD.ORG Mon Sep 26 16:14:59 2011 Return-Path: Delivered-To: freebsd-apache@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0B0E6106566B; Mon, 26 Sep 2011 16:14:59 +0000 (UTC) (envelope-from pgollucci@p6m7g8.com) Received: from exhub015-2.exch015.msoutlookonline.net (exhub015-2.exch015.msoutlookonline.net [207.5.72.94]) by mx1.freebsd.org (Postfix) with ESMTP id E99998FC14; Mon, 26 Sep 2011 16:14:55 +0000 (UTC) Received: from philip.hq.rws (174.79.184.239) by smtpx15.msoutlookonline.net (207.5.72.103) with Microsoft SMTP Server (TLS) id 8.2.254.0; Mon, 26 Sep 2011 09:14:55 -0700 Message-ID: <4E80A4FE.6000605@p6m7g8.com> Date: Mon, 26 Sep 2011 16:14:54 +0000 From: "Philip M. Gollucci" Organization: P6M7G8 Inc. User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.16) Gecko/20110507 Thunderbird/3.0.11 MIME-Version: 1.0 To: Doug Barton References: <4E621BDD.9000207@FreeBSD.org> <4E621D2C.2090204@FreeBSD.org> <4E6642E0.5050101@p6m7g8.com> <4E801894.6060907@FreeBSD.org> In-Reply-To: <4E801894.6060907@FreeBSD.org> X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit Cc: freebsd-apache@FreeBSD.org Subject: Re: FreeBSD port(s) you maintain which are currently vulnerable X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Sep 2011 16:14:59 -0000 AFAIK, we should whack it when we remove www/apache20. Feel free to match the dates, or one of us will get to it. On 09/26/11 06:15, Doug Barton wrote: > On 09/06/2011 08:57, Philip M. Gollucci wrote: >> On 09/03/11 12:27, Doug Barton wrote: >>> /usr/ports/devel/apr0 >>> /usr/ports/russian/apache13 >>> /usr/ports/russian/apache13-modssl >>> /usr/ports/www/apache13-ssl >>> /usr/ports/www/apache20 >> >> We'll deal with these. > > Thanks! > > I see deprecated for: > russian/apache13 > russian/apache13-modssl > www/apache13-ssl > www/apache20 > > Nothing for: > devel/apr0 > > Is that one going to be fixed? > Affected package: apr-0.9.19.0.9.19_1 > Type of problem: apr -- multiple vulnerabilities. > Reference: > http://portaudit.FreeBSD.org/eb9212f7-526b-11de-bbf2-001b77d09812.html > > > Doug > -- ------------------------------------------------------------------------ 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354 VP Infrastructure, Apache Software Foundation Committer, FreeBSD Foundation Consultant, P6M7G8 Inc. Director Operations, Ridecharge Inc. Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching.