ports/146393: www/apache20: apache-2.0.63_8 can't start
Benno Overeinder
benno at NLnetLabs.nl
Wed May 12 22:00:15 UTC 2010
The following reply was made to PR ports/146393; it has been noted by GNATS.
From: Benno Overeinder <benno at NLnetLabs.nl>
To: bug-followup at FreeBSD.org, stb at lassitu.de
Cc:
Subject: Re: ports/146393: www/apache20: apache-2.0.63_8 can't start
Date: Wed, 12 May 2010 23:53:21 +0200
Same problem here. After some searchig after mySrvFromConn, and
checking with the original Apache 2.0.63 sources, I figured out it must
be in the patches of the port. Indeed, in
www/apache20/files/patch-CVE-2009-3555 there is the code injecting the
line "s = mySrvFromConn(c);".
According to the header, it is:
"Modified patch from
http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch".
In the original apache2.0.63 code there is no reference to
mySrvFromConn, and in the other port patches I cannot find any line
defining mySrvFromConn. Is this a partial backport of CVE-2009-3555?
Cheers,
-- Benno
More information about the freebsd-apache
mailing list