Summary: | www/apache24 2.4.23 requires security update per listed CVEs | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | dewayne |
Component: | Individual Port(s) | Assignee: | Olli Hauer <ohauer> |
Status: | Closed FIXED | ||
Severity: | Affects Many People | CC: | ohauer |
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(apache) ohauer: merge-quarterly? |
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any |
Description
dewayne
2016-12-21 00:42:42 UTC
A commit references this bug: Author: ohauer Date: Wed Dec 21 10:41:10 UTC 2016 New revision: 429063 URL: https://svnweb.freebsd.org/changeset/ports/429063 Log: - update to 2.4.25 PR: 215457 Reported by: Apache Software Foundation MFH: 2016Q4 Security: vid 862d6ab3-c75e-11e6-9f98-20cf30e32f6d CVE-2016-8743 CVE-2016-2161 CVE-2016-0736 CVE-2016-8740 CVE-2016-5387 Changes: head/www/apache24/Makefile head/www/apache24/distinfo head/www/apache24/files/patch-CVE-2016-8740 head/www/apache24/files/patch-httpoxy An update to 2.4.25 was committed, (I don't know doctor@, but there are several sec. lists subscribed to the Apache Foundation announcements) A commit references this bug: Author: ohauer Date: Thu Dec 22 06:27:09 UTC 2016 New revision: 429144 URL: https://svnweb.freebsd.org/changeset/ports/429144 Log: MFH: r425421 r429063 - Add LICENSE - update to 2.4.25 PR: 215457 Reported by: Apache Software Foundation Security: vid 862d6ab3-c75e-11e6-9f98-20cf30e32f6d CVE-2016-8743 CVE-2016-2161 CVE-2016-0736 CVE-2016-8740 CVE-2016-5387 Approved by: ports-secteam (junovitch) Changes: _U branches/2016Q4/ branches/2016Q4/www/apache24/Makefile branches/2016Q4/www/apache24/distinfo branches/2016Q4/www/apache24/files/patch-CVE-2016-8740 branches/2016Q4/www/apache24/files/patch-httpoxy |