ohauer 2011-09-15 05:00:28 UTC
FreeBSD ports repository
Modified files:
www/apache22 Makefile distinfo
Log:
- update to version 2.2.21
Addresses:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
mod_proxy_ajp when combined with mod_proxy_balancer: Prevents
unrecognized HTTP methods from marking ajp: balancer members
in an error state, avoiding denial of service.
* SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Further fixes to the handling of byte-range requests to use
less memory, to avoid denial of service. This patch includes fixes
to the patch introduced in release 2.2.20 for protocol compliance,
as well as the MaxRanges directive.
PR: ports/160743
Submitted by: Jason Helfman <jhelf...@experts-exchange.com>
Revision Changes Path
1.293 +2 -2 ports/www/apache22/Makefile
1.86 +2 -2 ports/www/apache22/distinfo
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"
