[56572] trunk/dports/www/apache2
ryandesign at macports.org
ryandesign at macports.org
Sun Aug 30 03:38:27 PDT 2009
Revision: 56572
http://trac.macports.org/changeset/56572
Author: ryandesign at macports.org
Date: 2009-08-30 03:38:23 -0700 (Sun, 30 Aug 2009)
Log Message:
-----------
apache2: fix security issue: protect .htaccess, .htpasswd and .DS_Store files; see #7277
Modified Paths:
--------------
trunk/dports/www/apache2/Portfile
trunk/dports/www/apache2/files/patch-httpd.conf.in-sensitive-files.diff
Modified: trunk/dports/www/apache2/Portfile
===================================================================
--- trunk/dports/www/apache2/Portfile 2009-08-30 09:53:59 UTC (rev 56571)
+++ trunk/dports/www/apache2/Portfile 2009-08-30 10:38:23 UTC (rev 56572)
@@ -4,6 +4,7 @@
name apache2
version 2.2.13
+revision 1
categories www
maintainers imajes
description The extremely popular second version of the Apache http server
Modified: trunk/dports/www/apache2/files/patch-httpd.conf.in-sensitive-files.diff
===================================================================
--- trunk/dports/www/apache2/files/patch-httpd.conf.in-sensitive-files.diff 2009-08-30 09:53:59 UTC (rev 56571)
+++ trunk/dports/www/apache2/files/patch-httpd.conf.in-sensitive-files.diff 2009-08-30 10:38:23 UTC (rev 56572)
@@ -16,7 +16,7 @@
+# Also, folks tend to use names such as .htpasswd for password
+# files, so this will protect those as well.
+#
-+<Files ~ "^<.([Hh][Tt]|[Dd][Ss]_[Ss])">
++<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
+ Order allow,deny
+ Deny from all
+ Satisfy All
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20090830/a41395c7/attachment.html>
More information about the macports-changes
mailing list