Created attachment 190356 [details] thttpd-2.28.patch New in version 2.28: Improvements to the FreeBSD startup script. (Craig Leres) Minor portability tweak in mmc.c. Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as CVE-2017-17663.
A commit references this bug: Author: danfe Date: Thu Feb 8 14:26:28 UTC 2018 New revision: 461240 URL: https://svnweb.freebsd.org/changeset/ports/461240 Log: Update `www/thttpd' to version 2.28, which features: - Improvements to the FreeBSD startup script (Craig Leres) - Minor portability tweak in mmc.c - Fix a potential buffer overrun bug in htpasswd (reported by Alessio Santoru as CVE-2017-17663), no-op on FreeBSD due to our custom patches from Red Hat since r377324 PR: 225701 Changes: head/www/thttpd/Makefile head/www/thttpd/distinfo head/www/thttpd/files/patch-extras_htpasswd.c head/www/thttpd/files/patch-mmc.c
Port was updated as of ports r461240, thanks!