36804 – portupgrade of apache13+modssl causes cert + /usr/local/www overwrite

Bug 36804 - portupgrade of apache13+modssl causes cert + /usr/local/www overwrite

Summary: portupgrade of apache13+modssl causes cert + /usr/local/www overwrite

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Dirk Meyer

URL:
Keywords:

Depends on:
Blocks:

Reported:	2002-04-05 23:20 UTC by sirmoo
Modified:	2003-06-04 17:33 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description sirmoo 2002-04-05 23:20:01 UTC

while portupgrading apache13+modssl to fix the latest vuln with overflowing session space (http://archives.neohapsis.com/archives/bugtraq/2002-02/0313.html),
the installation overwrittes the server certs in /usr/local/etc/apache/ssl*/ with the "snake oil" ones.
/usr/local/www/ is overwritten.
/usr/local/etc/apache/httpd.conf is preserved however.

How-To-Repeat: 1. install apache13+modssl. Customize. Portupgrade apache13+modssl.

Comment 1 Patrick Li freebsd_committer

2002-06-22 18:50:31 UTC

State Changed
From-To: open->patched

Fixed www override, SSL certificates still an issue.

Comment 2 Norikatsu Shigemura freebsd_committer

2003-03-19 16:53:50 UTC

Responsible Changed
From-To: freebsd-ports-bugs->pat

Over to volunteer.

Comment 3 Dirk Meyer freebsd_committer

2003-06-04 17:32:42 UTC

State Changed
From-To: patched->closed

I committed a fix.

Comment 4 Dirk Meyer freebsd_committer

2003-06-04 17:32:42 UTC

Responsible Changed
From-To: pat->dinoex

I take care of followups.