295042 – www/apache24: security update 2.4.66 -> 2.4.67

Bug 295042 - www/apache24: security update 2.4.66 -> 2.4.67

Summary: www/apache24: security update 2.4.66 -> 2.4.67

Status:	New

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	freebsd-apache (Nobody)

URL:	https://downloads.apache.org/httpd/An...
Keywords:

Depends on:
Blocks:

Reported:	2026-05-06 00:13 UTC by Kurt Jaeger
Modified:	2026-05-06 09:47 UTC (History)
CC List:	5 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (apache)

Attachments
patch (831 bytes, patch) 2026-05-06 00:13 UTC, Kurt Jaeger	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kurt Jaeger freebsd_committer

2026-05-06 00:13:26 UTC

Created attachment 270448 [details]
patch

Testbuilds@work

Comment 1 Kurt Jaeger freebsd_committer

2026-05-06 00:19:55 UTC

CVE-2026-23918

Comment 2 Vladimir Druzenko freebsd_committer

2026-05-06 03:50:54 UTC

Total 11:
CVE-2026-23918
CVE-2026-24072
CVE-2026-28780
CVE-2026-33523
CVE-2026-33006
CVE-2026-29168
CVE-2026-29169
CVE-2026-33007
CVE-2026-33857
CVE-2026-34032
CVE-2026-34059

I updated the port yesterday with the same patch - the build and work smoothly on a dozen hosts in the production.

Comment 3 commit-hook freebsd_committer

2026-05-06 08:19:46 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=af429502c471a40c21d55adaa2af2cea0ee0efc8

commit af429502c471a40c21d55adaa2af2cea0ee0efc8
Author:     Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2026-05-06 08:17:40 +0000
Commit:     Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2026-05-06 08:17:40 +0000

    www/apache24: Security update to 2.4.67

    PR:             295042
    Security:       1ccc383b-486a-11f1-8b62-8447094a420f
    MFH:            2026Q2

 www/apache24/Makefile | 4 +---
 www/apache24/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 6 deletions(-)

Comment 4 commit-hook freebsd_committer

2026-05-06 08:29:49 UTC

A commit in branch 2026Q2 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=70af49f4ed699089cc8285379054acf50e719731

commit 70af49f4ed699089cc8285379054acf50e719731
Author:     Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2026-05-06 08:17:40 +0000
Commit:     Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2026-05-06 08:29:28 +0000

    www/apache24: Security update to 2.4.67

    PR:             295042
    Security:       1ccc383b-486a-11f1-8b62-8447094a420f
    MFH:            2026Q2
    (cherry picked from commit af429502c471a40c21d55adaa2af2cea0ee0efc8)

 www/apache24/Makefile | 4 +---
 www/apache24/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 6 deletions(-)