Date: Thu, 30 Sep 2004 17:05:24 -0400 From: "Peter C. Lai" <sirmoo@cowbert.net> To: Eli Dart <dart@nersc.gov> Cc: ports@freebsd.org Subject: Re: apache2 port Message-ID: <20040930210524.GT243@cowbert.net> In-Reply-To: <20040930210232.8B81BF987@gemini.nersc.gov> References: <20040930205503.GS243@cowbert.net> <20040930210232.8B81BF987@gemini.nersc.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
if PORTVERSION isn't 2.0.51 then you shouldn't be getting anything in 2.0.51 (if you say the vulnerability was only introduced with 2.0.51). This should really be in the ports@ list. On Thu, Sep 30, 2004 at 02:02:32PM -0700, Eli Dart wrote: >=20 > In reply to "Peter C. Lai" <sirmoo@cowbert.net> : >=20 > > no. you can tell by PORTVERSION in the Makefile. >=20 > That still doesn't cover the case of the vulnerability being=20 > introduced by the patch.... >=20 > Unless I'm truly missing something.... >=20 > --eli >=20 >=20 > >=20 > > On Thu, Sep 30, 2004 at 01:45:16PM -0700, Eli Dart wrote: > > > Hi all, > > >=20 > > > There has been another vulnerability [1] discovered in apache2. This= =20 > > > affects only version 2.0.51 (where it was introduced). The ports=20 > > > tree is frozen, pending 5.3-R, so I assume that an update of the=20 > > > apache2 port to 2.0.52 is not forthcoming any time soon. > > >=20 > > > The question is this -- since the apache2 in the ports tree is 2.0.50= =20 > > > plus patches, does the version in the ports tree have this=20 > > > vulnerability? It seems that it only would if the patches to 2.0.50= =20 > > > introduced the vulnerability... Does anyone know? > > >=20 > > > Thanks! > > >=20 > > > --eli > > >=20 > > >=20 > > >=20 > > >=20 > >=20 > >=20 > >=20 > > --=20 > > Peter C. Lai > > University of Connecticut > > Dept. of Molecular and Cell Biology > > Yale University School of Medicine > > SenseLab | Research Assistant > > http://cowbert.2y.net/ > >=20 >=20 >=20 --=20 Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040930210524.GT243>