non port: www/apache22/files/mpm-itk-perdir-regex |
SVNWeb
|
Number of commits found: 2 |
Sat, 2 Mar 2013
|
[ 19:31 ohauer ] (Only the first 10 of 12 ports in this commit are shown above. )
- update to version 2.2.24
- move mpm itk patches to itk-mpm/files dir
- add sshd to REQUIRE line in the rc script to prevent boot
issues in case a SSL cert is password protected [1]
Changes with Apache 2.2.24
SECURITY: CVE-2012-3499 (cve.mitre.org) Various XSS flaws due to
unescaped hostnames and URIs HTML output in mod_info, mod_status,
mod_imagemap, mod_ldap, and mod_proxy_ftp. [Jim Jagielski, Stefan
Fritsch, Niels Heinen <heinenn google com>]
SECURITY: CVE-2012-4558 (cve.mitre.org)
XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
Niels Heinen <heinenn google com>]
(Only the first 15 lines of the commit message are shown above )
|
Thu, 31 Mar 2011
|
[ 17:00 ohauer ]
- update Apache 2 ITK MPM patch to version 20110321-01 [1]
- add additional patch for mpm-itk [2]
- add mod_substitute to apache22 [3]
- add some documentation into the mpm-itk* patches
- bump portrevision
Changes:
[1] apache2.2-mpm-itk 2.2.17-01, released 2011-03-21:
* Fixed CVE-2011-1176: If NiceValue was set, the default with no
AssignUserID was to run as root:root instead of the default Apache user
and group, due to the configuration merger having an incorrect default
configuration.
* Rebase against Apache 2.2.17.
* Fix an issue where users can sometimes get spurious 403s on persistent
connections, if the .htaccess files are not world readable. (Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 2 |