cvs commit: ports/www/apache22 Makefile distinfo

Philip M. Gollucci pgollucci at
Wed Dec 9 23:48:01 UTC 2009

pgollucci    2009-12-09 23:48:01 UTC

  FreeBSD ports repository

  Modified files:
    www/apache22         Makefile distinfo 
  - Update to 2.2.14
  - With hat apache@
  Note: The 3 CVE's are a no-op for the FreeBSD port --
  date: 2009/08/25 05:33:03;  author: kuriyama;  state: Exp;  lines: +0 -0
  (Forced commit)
  - 2.2.13 (acutally 2.2.12) includes fixes for several CVEs. [1]
    but in our ports tree, APR related ones (CVE-2009-0023,
    CVE-2009-1955, CVE-2009-1956) were already backported in 2.2.11_5.
  References: [1]
    *) SECURITY: CVE-2009-2699 (
       Fixed in APR 1.3.9.  Faulty error handling in the Solaris pollset support
       (Event Port backend) which could trigger hangs in the prefork and event
       MPMs on that platform.  PR 47645.  [Jeff Trawick]
    *) SECURITY: CVE-2009-3095 (
       mod_proxy_ftp: sanity check authn credentials.
       [Stefan Fritsch <sf>, Joe Orton]
    *) SECURITY: CVE-2009-3094 (
       mod_proxy_ftp: NULL pointer dereference on error paths.
       [Stefan Fritsch <sf>, Joe Orton]
    *) mod_proxy_scgi: Backport from trunk. [André Malo]
    *) mod_ldap: Don't try to resolve file-based user ids to a DN when AuthLDAPURL
       has been defined at a very high level.  PR 45946.  [Eric Covener]
    *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett]
    *) mod_ldap: Bring the LDAPCacheEntries and LDAPOpCacheEntries
       usage() in synch with the manual and the implementation (0 and -1
       both disable the cache). [Eric Covener]
    *) mod_ssl: The error message when SSLCertificateFile is missing should
       at least give the name or position of the problematic virtual host
       definition. [Stefan Fritsch sf]
    *) htdbm: Fix possible buffer overflow if dbm database has very
       long values.  PR 30586 [Dan Poirier]
    *) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb>]
    *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
       type.  PR 45107.  [Michael Ströder <michael>,
       Peter Sylvester <peter.sylvester>]
    *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore
       defined session identifiers encoded in the URL when caching.
       [Ruediger Pluem]
    *) mod_mem_cache: fix seg fault under load due to pool concurrency problem
       PR: 47672 [Dan Poirier <poirier>]
    *) mod_autoindex: Correctly create an empty cell if the description
       for a file is missing. PR 47682 [Peter Poeml <poeml>]
  Revision  Changes    Path
  1.244     +1 -1      ports/www/apache22/Makefile
  1.78      +3 -3      ports/www/apache22/distinfo

More information about the cvs-ports mailing list