Date:      Wed, 1 Feb 2012 19:00:24 GMT
From:      dfilter@FreeBSD.ORG (dfilter service)
To:        apache@FreeBSD.org
Subject:   Re: ports/164675: commit references a PR
Message-ID:  <201202011900.q11J0Ol1068834@freefall.freebsd.org>

The following reply was made to PR ports/164675; it has been noted by GNATS.

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/164675: commit references a PR
Date: Wed,  1 Feb 2012 18:56:20 +0000 (UTC)

 jgh         2012-02-01 18:56:08 UTC
 
   FreeBSD ports repository
 
   Modified files:
     www/apache22         Makefile Makefile.doc distinfo 
     www/apache22/files   patch-Makefile.in 
                          patch-docs__conf__extra__httpd-ssl.conf.in 
   Log:
   - Update to 2.2.22
   
   Addresses:
   * SECURITY: CVE-2011-3607 (cve.mitre.org)
   Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP
   Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif
   module is enabled, allows local users to gain privileges via a .htaccess file
   with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request
   header, leading to a heap-based buffer overflow.
   
   * SECURITY: CVE-2012-0021 (cve.mitre.org)
   The log_cookie function in mod_log_config.c in the mod_log_config module in the
   Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not
   properly handle a %{}C format string, which allows remote attackers to cause a
   denial of service (daemon crash) via a cookie that lacks both a name and a
   value.
   
   * SECURITY: CVE-2012-0031 (cve.mitre.org)
   scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local
   users to cause a denial of service (daemon crash during shutdown) or possibly
   have unspecified other impact by modifying a certain type field within a
   scoreboard shared memory segment, leading to an invalid call to the free
   function.
   
   * SECURITY: CVE-2011-4317 (cve.mitre.org)
   The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
   through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in
   place, does not properly interact with use of (1) RewriteRule and (2)
   ProxyPassMatch pattern matches for configuration of a reverse proxy, which
   allows remote attackers to send requests to intranet servers via a malformed URI
   containing an @ (at sign) character and a : (colon) character in invalid
   positions. NOTE: this vulnerability exists because of an incomplete fix for
   CVE-2011-3368.
   
   * SECURITY: CVE-2012-0053 (cve.mitre.org)
   protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly
   restrict header information during construction of Bad Request (aka 400) error
   documents, which allows remote attackers to obtain the values of HTTPOnly
   cookies via vectors involving a (1) long or (2) malformed header in conjunction
   with crafted web script.
   
   * SECURITY: CVE-2011-3368 (cve.mitre.org)
   The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x
   through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of
   (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a
   reverse proxy, which allows remote attackers to send requests to intranet
   servers via a malformed URI containing an initial @ (at sign) character.
   
   PR: ports/164675
   Reviewed by: pgollucci
   Approved by: pgollucci, crees, rene (mentors, implicit)
   With Hat: apache@
   
   Revision  Changes    Path
   1.295     +1 -1      ports/www/apache22/Makefile
   1.16      +3 -3      ports/www/apache22/Makefile.doc
   1.87      +2 -2      ports/www/apache22/distinfo
   1.26      +2 -2      ports/www/apache22/files/patch-Makefile.in
   1.4       +4 -40     ports/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in