Date: Thu, 2 Aug 2012 02:30:14 +0000 From: "Philip M. Gollucci" <pgollucci@p6m7g8.com> To: Wesley Shields <wxs@freebsd.org> Cc: ports-security@freebsd.org, apache@freebsd.org Subject: Re: Apache 2.2.22 vuln Message-ID: <CACM2dAa-uTsSGNDe2uLH39W7-=FzVCtVfz-D03Pj_cRN6Bu4Eg@mail.gmail.com> In-Reply-To: <20120802022815.GA11600@atarininja.org> References: <7c8467ef6164399c7fc1d11960768453@nyi.unixathome.org> <20120802022815.GA11600@atarininja.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry, Wesley, E-notime. However, I'read and agree with your patch. Go head. I would actually mark www/apache20 as forbidden every should be on www/apache22 anyway. Esp with the hopeful drop of www/apache24 sometime. Thanks for the work though. On Thu, Aug 2, 2012 at 2:28 AM, Wesley Shields <wxs@freebsd.org> wrote: > On Wed, Aug 01, 2012 at 11:48:02AM -0400, Dan Langille wrote: > > This post to apache@ seems to indicate that Apache 2.2.22 is vulnerable > > > > > > http://lists.freebsd.org/pipermail/freebsd-apache/2012-June/002778.html > > Would someone from apache@ please commit the patch at [1] to > www/apache22. I will be committing a VuXML about this. I will also be > marking www/apache20 as vulnerable because AFAIK it is but there's no > official patch for it. If I don't see it committed by Friday evening > (GMT-5) I will just do it myself. > > [1]: > > http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/support/envvars-std.in?r1=421103&r2=1341651 > > -- WXS > _______________________________________________ > freebsd-apache@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-apache > To unsubscribe, send any mail to "freebsd-apache-unsubscribe@freebsd.org" > -- --------------------------------------------------------------------------------------------- 1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C Philip M. Gollucci (pgollucci@p6m7g8.com) c: 703.336.9354 Member, Apache Software Foundation Committer, FreeBSD Foundation Consultant, P6M7G8 Inc. Director Operations, Ridecharge Inc. Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACM2dAa-uTsSGNDe2uLH39W7-=FzVCtVfz-D03Pj_cRN6Bu4Eg>