From owner-freebsd-apache@FreeBSD.ORG Sat Dec 11 17:11:08 2004 Return-Path: Delivered-To: freebsd-apache@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BA96716A4CE for ; Sat, 11 Dec 2004 17:11:08 +0000 (GMT) Received: from goofy.cultdeadsheep.org (charon.cultdeadsheep.org [80.65.226.72]) by mx1.FreeBSD.org (Postfix) with SMTP id 3703A43D46 for ; Sat, 11 Dec 2004 17:11:07 +0000 (GMT) (envelope-from clement@FreeBSD.org) Received: (qmail 67197 invoked by uid 89); 11 Dec 2004 18:11:04 +0100 Received: from clement@FreeBSD.org by goofy.cultdeadsheep.org by uid 89 with qmail-scanner-1.22 (clamdscan: 0.74. spamassassin: 2.63. Clear:RC:1(192.168.0.8):. Processed in 0.175624 secs); 11 Dec 2004 17:11:04 -0000 X-Qmail-Scanner-Mail-From: clement@FreeBSD.org via goofy.cultdeadsheep.org X-Qmail-Scanner: 1.22 (Clear:RC:1(192.168.0.8):. Processed in 0.175624 secs) Received: from unknown (HELO persephone.cultdeadsheep.org) (192.168.0.8) by goofy.cultdeadsheep.org with SMTP; 11 Dec 2004 18:11:03 +0100 Received: (qmail 11933 invoked from network); 11 Dec 2004 18:10:17 +0100 Received: from unknown (HELO localhost) (192.168.0.4) by persephone.cultdeadsheep.org with SMTP; 11 Dec 2004 18:10:17 +0100 Date: Sat, 11 Dec 2004 18:10:50 +0100 From: Clement Laforet To: "Simon L. Nielsen" Message-Id: <20041211181050.675ea844.clement@FreeBSD.org> In-Reply-To: <20041211165015.GI759@zaphod.nitro.dk> References: <20041211165015.GI759@zaphod.nitro.dk> Organization: FreeBSD Project X-Mailer: Sylpheed version 1.0.0beta1 (GTK+ 1.2.10; i386-portbld-freebsd5.3) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha1"; boundary="Signature=_Sat__11_Dec_2004_18_10_50_+0100_AnYt8EQIPMhi12Us" cc: apache@FreeBSD.org Subject: Re: Security update for www/mod_access_referer X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 17:11:08 -0000 --Signature=_Sat__11_Dec_2004_18_10_50_+0100_AnYt8EQIPMhi12Us Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 7bit On Sat, 11 Dec 2004 17:50:16 +0100 "Simon L. Nielsen" wrote: > Hello mod_access_referer maintainer Hello fellow secteam member :) > As recently documented in the FreeBSD VuXML document [1] there is a > security vulnerability in mod_access_referer. > > Niels Heinen has created the attached update > for the port to fix the problem. Could somebody either commit this or > approve it so I can commit it? Approved :) BTY, can please you add: DIST_SUBDIR= apache in the Makefile ? clem --Signature=_Sat__11_Dec_2004_18_10_50_+0100_AnYt8EQIPMhi12Us Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQFBuyofsRhfjwcjuh0RAqKEAKCfhAXMS5YDBQpjvQdqQ3wYQHldjgCgxwux F6MKctDMV+7xG5bs7mhHxhA= =e+Di -----END PGP SIGNATURE----- --Signature=_Sat__11_Dec_2004_18_10_50_+0100_AnYt8EQIPMhi12Us--