Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Sep 2011 05:10:10 GMT
From:      dfilter@FreeBSD.ORG (dfilter service)
To:        apache@FreeBSD.org
Subject:   Re: ports/160743: commit references a PR
Message-ID:  <201109150510.p8F5A9Em035620@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/160743; it has been noted by GNATS.

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/160743: commit references a PR
Date: Thu, 15 Sep 2011 05:00:38 +0000 (UTC)

 ohauer      2011-09-15 05:00:28 UTC
 
   FreeBSD ports repository
 
   Modified files:
     www/apache22         Makefile distinfo 
   Log:
   - update to version 2.2.21
   
   Addresses:
   * SECURITY: CVE-2011-3348 (cve.mitre.org)
    mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
    unrecognized HTTP methods from marking ajp: balancer members
    in an error state, avoiding denial of service.
   
   * SECURITY: CVE-2011-3192 (cve.mitre.org)
    core: Further fixes to the handling of byte-range requests to use
    less memory, to avoid denial of service. This patch includes fixes
    to the patch introduced in release 2.2.20 for protocol compliance,
    as well as the MaxRanges directive.
   
   PR:             ports/160743
   Submitted by:   Jason Helfman <jhelfman@experts-exchange.com>
   
   Revision  Changes    Path
   1.293     +2 -2      ports/www/apache22/Makefile
   1.86      +2 -2      ports/www/apache22/distinfo
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201109150510.p8F5A9Em035620>