FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
91ecb546-b1e6-11e3-980f-20cf30e32f6dapache -- several vulnerabilities

Apache HTTP SERVER PROJECT reports:

Clean up cookie logging with fewer redundant string parsing passes. Log only cookies with a value assignment. Prevents segfaults when logging truncated cookies.

mod_dav: Keep track of length of cdata properly when removing leading spaces. Eliminates a potential denial of service from specifically crafted DAV WRITE requests.


Discovery 2014-02-25
Entry 2014-03-22
apache24
gt 2.4.0 lt 2.4.9

apache22
gt 2.2.0 lt 2.2.27

apache22-event-mpm
gt 2.2.0 lt 2.2.27

apache22-itk-mpm
gt 2.2.0 lt 2.2.27

apache22-peruser-mpm
gt 2.2.0 lt 2.2.27

apache22-worker-mpm
gt 2.2.0 lt 2.2.27

CVE-2014-0098
CVE-2013-6438
ca4d63fb-f15c-11e2-b183-20cf30e32f6dapache24 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports:

mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.

mod_session_dbd: Make sure that dirty flag is respected when saving sessions, and ensure the session ID is changed each time the session changes. This changes the format of the updatesession SQL statement. Existing configurations must be changed.


Discovery 2013-07-11
Entry 2013-07-20
Modified 2013-07-21
apache24
lt 2.4.6

CVE-2013-1896
CVE-2013-2249
http://www.apache.org/dist/httpd/Announcement2.4.html