cvs commit: ports/www/apache2 Makefile ports/www/apache2/files
patch-secfix-modules:ssl:ssl_engine_io.c
Clement Laforet
clement at FreeBSD.org
Wed Aug 18 12:40:08 PDT 2004
clement 2004-08-18 19:40:07 UTC
FreeBSD ports repository
Modified files:
www/apache2 Makefile
Added files:
www/apache2/files patch-secfix-modules:ssl:ssl_engine_io.c
Log:
- Backport security fixes in ssl_engine_io.c
* [SECURITY] mod_ssl: Fix potential input filter segfaults in
SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
"This issue has possible security implications; it's been assigned CVE
CAN-2004-0751 (cve.mitre.org)."
http://issues.apache.org/bugzilla/show_bug.cgi?id=30134
* [SECURITY] mod_ssl: Fix potential infinite loop.
(potential infinite loop in ssl_io_input_getline if connection is
aborted without inctx->rc being set.)
http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
http://issues.apache.org/bugzilla/show_bug.cgi?id=29690
Obtained from: Apache CVS (httpd-2.0 HEAD)
Revision Changes Path
1.197 +1 -1 ports/www/apache2/Makefile
1.1 +34 -0 ports/www/apache2/files/patch-secfix-modules:ssl:ssl_engine_io.c (new)
More information about the cvs-all
mailing list