CVSROOT: /cvs Module name: ports Changes by: [email protected] 2025/08/19 05:16:17
Modified files:
www/nginx : Makefile
Added files:
www/nginx/patches: patch-src_mail_ngx_mail_handler_c
Log message:
patch nginx for CVE-2025-53859 (an unauth'd attacker can possibly over-read
SMTP auth process memory. this only affects the mailproxy subpackage, when
the smtp_auth directive is configured with method "none", and the auth server
returns an "Auth-Wait" response header)
from Sergey A. Osokin
