cvs commit: ports/www/apache13-modperl Makefile
ports/www/apache13-modperl/files
patch-secfix-CAN-2005-3352 ports/www/apache13-ssl Makefile
ports/www/apache13-ssl/files patch-secfix-CAN-2005-3352
Clement Laforet
clement at FreeBSD.org
Mon Dec 12 12:32:08 PST 2005
clement 2005-12-12 20:31:53 UTC
FreeBSD ports repository
Modified files:
www/apache13-modperl Makefile
www/apache13-ssl Makefile
Added files:
www/apache13-modperl/files patch-secfix-CAN-2005-3352
www/apache13-ssl/files patch-secfix-CAN-2005-3352
Log:
SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
Reported by: simon
Revision Changes Path
1.11 +1 -0 ports/www/apache13-modperl/Makefile
1.1 +35 -0 ports/www/apache13-modperl/files/patch-secfix-CAN-2005-3352 (new)
1.116 +1 -1 ports/www/apache13-ssl/Makefile
1.1 +35 -0 ports/www/apache13-ssl/files/patch-secfix-CAN-2005-3352 (new)
More information about the cvs-ports
mailing list