svn commit: r418744 - head/security/vuxml
Bernard Spil
brnrd at FreeBSD.org
Mon Jul 18 20:15:18 UTC 2016
Author: brnrd
Date: Mon Jul 18 20:15:17 2016
New Revision: 418744
URL: https://svnweb.freebsd.org/changeset/ports/418744
Log:
www/apache24: Fix httpoxy vulnerability (+2.2)
- Mark new Apache revisions not vulnerable
- Add apache22-mpm-* ports
- Add Apache CVE-number
Security: cf0b5668-4d1b-11e6-b2ec-b499baebfeaf
Security: CVE-2016-5387
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 18 20:14:19 2016 (r418743)
+++ head/security/vuxml/vuln.xml Mon Jul 18 20:15:17 2016 (r418744)
@@ -63,11 +63,15 @@ Notes:
<affects>
<package>
<name>apache22</name>
- <range><ge>0</ge></range>
+ <name>apache22-event-mpm</name>
+ <name>apache22-itk-mpm</name>
+ <name>apache22-peruser-mpm</name>
+ <name>apache22-worker-mpm</name>
+ <range><lt>2.2.31_1</lt></range>
</package>
<package>
<name>apache24</name>
- <range><ge>0</ge></range>
+ <range><lt>2.4.23_1</lt></range>
</package>
<package>
<name>tomcat6</name>
@@ -142,12 +146,14 @@ Notes:
<url>https://www.kb.cert.org/vuls/id/797896</url>
<url>CVE-2016-5385</url>
<url>CVE-2016-5386</url>
+ <url>CVE-2016-5387</url>
<url>CVE-2016-5388</url>
<url>CVE-2016-1000110</url>
</references>
<dates>
<discovery>2016-07-18</discovery>
<entry>2016-07-18</entry>
+ <modified>2016-07-18</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list