cvs commit: ports/www/apache22 Makefile pkg-plist
ports/www/apache22/files apache22.sh.in patch-CVE-2008-2939
Clement Laforet
clement at FreeBSD.org
Sun Aug 31 23:00:27 UTC 2008
clement 2008-08-31 23:00:27 UTC
FreeBSD ports repository
Modified files:
www/apache22 Makefile pkg-plist
www/apache22/files apache22.sh.in
Added files:
www/apache22/files patch-CVE-2008-2939
Log:
- Yet Another Plist Fix [1]
- Completely shut up rc.d script when no profiles are enabled
(add add support to disable profiles) [2]
- Fix CVE-2008-2939 for mod_proxy_ftp
(XSS attacks when using wildcards in the path of the FTP URL)
- Add "apache22_fib" to start apache22 prefixed by
"setfib -F ${apache22_fib}", so apache can use an alternate
network view (not carefully tested yet)
- Revert previous patch to "fix" missing rc.d scripts. It
actually breaks profiles.
- Bump PORTREVISION
PR: ports/126670 [1],
ports/116627 [2]
Submitted by: Joseph S. Atkinson [1],
Eygene Ryabinkin [2]
Security: CVE-2008-2939
Special thanks to: pgollucci@
Revision Changes Path
1.222 +5 -3 ports/www/apache22/Makefile
1.6 +43 -2 ports/www/apache22/files/apache22.sh.in
1.1 +11 -0 ports/www/apache22/files/patch-CVE-2008-2939 (new)
1.89 +3 -2 ports/www/apache22/pkg-plist
More information about the cvs-ports
mailing list