Navigation:
Browse pkgsrc
(this page)
www apache24
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2013-07-30 22:17:50 by Matthias Scheler | Files touched by this commit (8) |  |
Log message:
Pullup ticket #4193 - requested by ryoon
www/apache24: security update
Revisions pulled up:
- www/apache24/Makefile 1.21 via patch
- www/apache24/PLIST 1.11
- www/apache24/distinfo 1.10
- www/apache24/patches/patch-support_htdbm.c deleted
- www/apache24/patches/patch-support_htdigest.c deleted
- www/apache24/patches/patch-support_htpasswd.c deleted
- www/apache24/patches/patch-support_passwd__common.c deleted
- www/apache24/patches/patch-support_passwd__common.h deleted
---
Module Name: pkgsrc
Committed By: ryoon
Date: Tue Jul 30 12:51:29 UTC 2013
Modified Files:
pkgsrc/www/apache24: Makefile PLIST distinfo
Removed Files:
pkgsrc/www/apache24/patches: patch-support_htdbm.c
patch-support_htdigest.c patch-support_htpasswd.c
patch-support_passwd__common.c patch-support_passwd__common.h
Log message:
Update to 2.4.6
Changelog:
Security buxfixes.
SECURITY: CVE-2013-1896 (cve.mitre.org) Sending a MERGE request against a \
URI handled by mod_dav_svn with the source href (sent as part of the request \
body as XML) pointing to a URI that is not configured for DAV will trigger a \
segfault.
SECURITY: CVE-2013-2249 (cve.mitre.org) mod_session_dbd: Make sure that \
dirty flag is respected when saving sessions, and ensure the session ID is \
changed each time the session changes. This changes the format of the \
updatesession SQL statement. Existing configurations must be changed.
And feature enhancement and bugfixes.
|
New packages: