cvs commit: ports/www/apache21 Makefile ports/www/apache21/files patch-secfix-CAN-2005-3352 ports/www/apache22 Makefile ports/www/apache22/files patch-secfix-CAN-2005-3352

Mon Dec 12 12:55:16 PST 2005

clement     2005-12-12 20:55:14 UTC

  FreeBSD ports repository

  Modified files:
    www/apache21         Makefile 
    www/apache22         Makefile 
  Added files:
    www/apache21/files   patch-secfix-CAN-2005-3352 
    www/apache22/files   patch-secfix-CAN-2005-3352 
  Log:
  SECURITY: CVE-2005-3352 (cve.mitre.org)
       mod_imap: Escape untrusted referer header before outputting in HTML
       to avoid potential cross-site scripting.  Change also made to
       ap_escape_html so we escape quotes.  Reported by JPCERT.
       [Mark Cox]
  
  Reported by:    simon
  
  Revision  Changes    Path
  1.180     +1 -1      ports/www/apache21/Makefile
  1.1       +34 -0     ports/www/apache21/files/patch-secfix-CAN-2005-3352 (new)
  1.181     +1 -1      ports/www/apache22/Makefile
  1.1       +35 -0     ports/www/apache22/files/patch-secfix-CAN-2005-3352 (new)