Apache 2.2.22 vuln

Wesley Shields wxs at FreeBSD.org
Thu Aug 2 02:28:21 UTC 2012


On Wed, Aug 01, 2012 at 11:48:02AM -0400, Dan Langille wrote:
> This post to apache@ seems to indicate that Apache 2.2.22 is vulnerable
> 
>    
> http://lists.freebsd.org/pipermail/freebsd-apache/2012-June/002778.html

Would someone from apache@ please commit the patch at [1] to
www/apache22. I will be committing a VuXML about this. I will also be
marking www/apache20 as vulnerable because AFAIK it is but there's no
official patch for it. If I don't see it committed by Friday evening
(GMT-5) I will just do it myself.

[1]:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/support/envvars-std.in?r1=421103&r2=1341651

-- WXS


More information about the freebsd-apache mailing list