FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Fri, 7 May 2010
[ 01:46:06 pgollucci ] Original commit 
apache22 www files touched by this commit  An older version of this port was marked as vulnerable. Version 2.2.x of Apache web server with prefork MPM.
- Forced commit to note the following CVEs were fixed in 2.2.15
  [from CHANGES file]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
     attack when compiled against OpenSSL version 0.9.8m or later. Introduces
     the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
     and offer unsafe legacy renegotiation with clients which do not yet
     support the new secure renegotiation protocol, RFC 5746.
     [Joe Orton, and with thanks to the OpenSSL Team]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
     for OpenSSL versions prior to 0.9.8l; reject any client-initiated
     renegotiations. Forcibly disable keepalive for the connection if there
     is any buffered data readable. Any configuration which requires
     renegotiation for per-directory/location access control is still
     vulnerable, unless using openssl 0.9.8l or later.
     [Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>]

  *) SECURITY: CVE-2010-0408 (cve.mitre.org)
     mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
     when request headers indicate a request body is incoming; not a case of
     HTTP_INTERNAL_SERVER_ERROR.  [Niku Toivola <niku.toivola sulake.com>]

  *) SECURITY: CVE-2010-0425 (cve.mitre.org)
     mod_isapi: Do not unload an isapi .dll module until the request
     processing is completed, avoiding orphaned callback pointers.
     [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]

  *) SECURITY: CVE-2010-0434 (cve.mitre.org)
     Ensure each subrequest has a shallow copy of headers_in so that the
     parent request headers are not corrupted.  Eliminates a problematic
     optimization in the case of no request body.  PR 48359.
     [Jake Scott, William Rowe, Ruediger Pluem]

Number of ports [& non-ports] in this commit: 1

Showing files for just one port: www/apache22

show all files

hide all files


1 file found
ActionRevisionLinksFile
modify 1.259 View diff View revision /ports/head/www/apache22/Makefile
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mingw32-opensslApr 23
opensslApr 23
py-djangoApr 23
py-django-develApr 23
py-django14Apr 23
py-django15Apr 23
bugzilla40*Apr 18
bugzilla40*Apr 18
bugzilla42*Apr 18
bugzilla42*Apr 18
bugzilla44*Apr 18
bugzilla44*Apr 18
curlApr 11
dbus-glibApr 11
libaudiofileApr 11

14 vulnerabilities affecting 20 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24375
Broken 178
Deprecated 91
Ignore 533
Forbidden 6
Restricted 263
No CDROM 108
Vulnerable 29
Expired 24
Set to expire 78
Interactive 22
new 24 hours 5
new 48 hours8
new 7 days18
new fortnight34
new month134


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.