From owner-freebsd-ports@FreeBSD.ORG  Wed Jul 27 21:14:49 2005
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
X-Original-To: freebsd-ports@freebsd.org
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9E9F316A41F
	for <freebsd-ports@freebsd.org>; Wed, 27 Jul 2005 21:14:49 +0000 (GMT)
	(envelope-from pauls@utdallas.edu)
Received: from smtp1.utdallas.edu (smtp1.utdallas.edu [129.110.10.12])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6304143D45
	for <freebsd-ports@freebsd.org>; Wed, 27 Jul 2005 21:14:49 +0000 (GMT)
	(envelope-from pauls@utdallas.edu)
Received: from utd59514.utdallas.edu (utd59514.utdallas.edu [129.110.3.28])
	by smtp1.utdallas.edu (Postfix) with ESMTP id 9AC96388C71;
	Wed, 27 Jul 2005 16:14:48 -0500 (CDT)
Date: Wed, 27 Jul 2005 16:14:48 -0500
From: Paul Schmehl <pauls@utdallas.edu>
To: virenp@mail.utexas.edu, freebsd-ports@freebsd.org
Message-ID: <782A8803E0E45AF2882CE483@utd59514.utdallas.edu>
In-Reply-To: <37675.146.6.178.5.1122498494.squirrel@mail.cm.utexas.edu>
References: <37675.146.6.178.5.1122498494.squirrel@mail.cm.utexas.edu>
X-Mailer: Mulberry/3.1.6 (Linux/x86)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Cc: 
Subject: Re: apache13-modssl-1.3.33+2.8.22_1 port broken??
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jul 2005 21:14:49 -0000

--On Wednesday, July 27, 2005 16:08:14 -0500 Viren Patel 
<virenp@mail.utexas.edu> wrote:

> I am trying to install apache+mod_ssl-1.3.33+2.8.22_1 and
> get the following:
>
># make
> ===>  apache+mod_ssl-1.3.33+2.8.22_1 has known
> vulnerabilities:
> => apache -- http request smuggling.
>    Reference:
> <http://www.FreeBSD.org/ports/portaudit/651996e0-fe07-11d9-8329-000e0c2e4
> 38a.html> => Please update your ports tree and try again.
> *** Error code 1
>
> Stop in /usr/ports/www/apache13-modssl.
>
> I have updated the ports tree and the files directory
> contains the patch for this vulnerability
> (patch-secfix-CAN-2005-2088).
>
> I need to install this port urgently. What am I doing
> wrong?? If the vulnerability has not been fixed, how can I
> force install? TIA.
>
make FORCE_PKGREGISTER=yes && make install

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/