Date: Thu, 30 Sep 2004 16:55:03 -0400 From: "Peter C. Lai" <sirmoo@cowbert.net> To: Eli Dart <dart@nersc.gov> Cc: freebsd-security@freebsd.org Subject: Re: apache2 port Message-ID: <20040930205503.GS243@cowbert.net> In-Reply-To: <20040930204516.EB577F987@gemini.nersc.gov> References: <20040930204516.EB577F987@gemini.nersc.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
no. you can tell by PORTVERSION in the Makefile. On Thu, Sep 30, 2004 at 01:45:16PM -0700, Eli Dart wrote: > Hi all, > > There has been another vulnerability [1] discovered in apache2. This > affects only version 2.0.51 (where it was introduced). The ports > tree is frozen, pending 5.3-R, so I assume that an update of the > apache2 port to 2.0.52 is not forthcoming any time soon. > > The question is this -- since the apache2 in the ports tree is 2.0.50 > plus patches, does the version in the ports tree have this > vulnerability? It seems that it only would if the patches to 2.0.50 > introduced the vulnerability... Does anyone know? > > Thanks! > > --eli > > > > -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040930205503.GS243>