Summary: | defective crypt() implementation affects www/apache24, possibly www/apache22 | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | papowell |
Component: | Individual Port(s) | Assignee: | freebsd-apache (Nobody) <apache> |
Status: | Closed FIXED | ||
Severity: | Affects Many People | CC: | apache, ohauer, pgollucci |
Priority: | --- | Flags: | mva:
maintainer-feedback?
(apache) |
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any |
Description
papowell
2014-09-08 20:15:04 UTC
Assign to apache maintainer group. I can confirm crypt will not work on 9.3, haven't had the time to test on upcoming 10.1. At the moment I don't see an quick and easy way for an fix to support backward compatiblity, Hi Papowell, it seems the crypt() regression was fixed recently by this errata https://www.freebsd.org/security/advisories/FreeBSD-EN-14:11.crypt.asc FreeBSD-10.1 contains the errata fix already. Systems on 9.3/10.0 should run freebsd-update to get the fix. Can you run the test on your site again with an up-to-date system? submitter feedback timeout 309 days. Also the ENs fix this on all supported versions. |