From owner-freebsd-apache@freebsd.org  Mon Aug 10 18:03:57 2020
Return-Path: <owner-freebsd-apache@freebsd.org>
Delivered-To: freebsd-apache@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 834C03AA560
 for <freebsd-apache@mailman.nyi.freebsd.org>;
 Mon, 10 Aug 2020 18:03:57 +0000 (UTC)
 (envelope-from apache@cloudzeeland.nl)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 4BQP3d1r45z4cbC
 for <freebsd-apache@freebsd.org>; Mon, 10 Aug 2020 18:03:57 +0000 (UTC)
 (envelope-from apache@cloudzeeland.nl)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 3F0463AA55F; Mon, 10 Aug 2020 18:03:57 +0000 (UTC)
Delivered-To: apache@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3ECBC3AA420
 for <apache@mailman.nyi.freebsd.org>; Mon, 10 Aug 2020 18:03:57 +0000 (UTC)
 (envelope-from apache@cloudzeeland.nl)
Received: from poseidon.cloudzeeland.nl (cloudzeeland.xs4all.nl
 [83.161.133.58])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "cloudzeeland.nl",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BQP3b70bnz4cQH
 for <apache@freebsd.org>; Mon, 10 Aug 2020 18:03:55 +0000 (UTC)
 (envelope-from apache@cloudzeeland.nl)
Received: from poseidon.cloudzeeland.nl (cloudzeeland.nl [10.10.10.36])
 by poseidon.cloudzeeland.nl (Postfix) with ESMTP id A6C1A1E262
 for <apache@freebsd.org>; Mon, 10 Aug 2020 20:03:47 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cloudzeeland.nl;
 s=cloud; t=1597082627;
 bh=+HDByeBHzFyca9I6yVC7stteT8znTtLYMVm+qz7Ypi0=;
 h=To:From:Subject:Date;
 b=edODW/+9O5bGsSENQGhh/DiDDMq6nmehV2tbAH0CNnpCh7dJP3WCfvMnTdZ86hNTL
 BZKJn69qKvtXFTNcoykbGn+2iElhMxBj25FoZ5l/391iTWnuRCGcDVzRhDaLYZBtOZ
 t9YKwktJOTKoFDLA1HD1wXfItgayvlXHXQVoglds=
Received: from [10.10.10.34] (pion1.rpicloud.nl [82.176.127.71])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by poseidon.cloudzeeland.nl (Postfix) with ESMTPSA id 3EA6D1E261
 for <apache@freebsd.org>; Mon, 10 Aug 2020 20:03:47 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cloudzeeland.nl;
 s=cloud; t=1597082627;
 bh=+HDByeBHzFyca9I6yVC7stteT8znTtLYMVm+qz7Ypi0=;
 h=To:From:Subject:Date;
 b=edODW/+9O5bGsSENQGhh/DiDDMq6nmehV2tbAH0CNnpCh7dJP3WCfvMnTdZ86hNTL
 BZKJn69qKvtXFTNcoykbGn+2iElhMxBj25FoZ5l/391iTWnuRCGcDVzRhDaLYZBtOZ
 t9YKwktJOTKoFDLA1HD1wXfItgayvlXHXQVoglds=
To: apache@freebsd.org
From: Jos Chrispijn <apache@cloudzeeland.nl>
Subject: Apache24 vulnerability
Message-ID: <107d7d42-39b6-1f30-b5fd-ff9b69fa8691@cloudzeeland.nl>
Date: Mon, 10 Aug 2020 20:03:48 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
 Thunderbird/68.11.0
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-GB
X-Virus-Scanned: ClamAV using ClamSMTP
X-Rspamd-Queue-Id: 4BQP3b70bnz4cQH
X-Spamd-Bar: /
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=cloudzeeland.nl header.s=cloud header.b=edODW/+9;
 dkim=pass header.d=cloudzeeland.nl header.s=cloud header.b=edODW/+9;
 dmarc=none;
 spf=pass (mx1.freebsd.org: domain of apache@cloudzeeland.nl designates
 83.161.133.58 as permitted sender) smtp.mailfrom=apache@cloudzeeland.nl
X-Spamd-Result: default: False [-0.96 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[cloudzeeland.nl:s=cloud];
 NEURAL_HAM_MEDIUM(-1.06)[-1.057]; FROM_HAS_DN(0.00)[];
 ENVFROM_SERVICE_ACCT(1.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[apache@freebsd.org];
 TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_HAM_LONG(-0.97)[-0.972]; RCVD_COUNT_THREE(0.00)[3];
 DMARC_NA(0.00)[cloudzeeland.nl];
 DKIM_TRACE(0.00)[cloudzeeland.nl:+]; FROM_SERVICE_ACCT(1.00)[];
 NEURAL_HAM_SHORT(-0.43)[-0.434]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[];
 ASN(0.00)[asn:3265, ipnet:83.160.0.0/14, country:NL];
 MID_RHS_MATCH_FROM(0.00)[]
X-BeenThere: freebsd-apache@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Support of apache-related ports  <freebsd-apache.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-apache>, 
 <mailto:freebsd-apache-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-apache/>
List-Post: <mailto:freebsd-apache@freebsd.org>
List-Help: <mailto:freebsd-apache-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-apache>,
 <mailto:freebsd-apache-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2020 18:03:57 -0000

Dear package maintainer(s),

Hope you are in good health and have a good holiday with this pandemic 
going on.

Can you please send out an update of following packageas apache24-2.4.43 
seems to be vulnerable:

Apache httpd -- Multiple vulnerabilities CVE: CVE-2020-11993 CVE: 
CVE-2020-11984 CVE: CVE-2020-9490 WWW: 
https://vuxml.FreeBSD.org/freebsd/76700d2f-d959-11ea-b53c-d4c9ef517024.html 
thanks in advance and keep up the good wojk! Jos