[MacPorts] #38452: PHP code disclosure vulnerability with apache2 and other web servers (was: Apache on HFS Critical Security Issue)
Bradley Giesbrecht
pixilla at macports.org
Fri Mar 22 13:03:36 PDT 2013
On Mar 22, 2013, at 7:08 AM, Daniel J. Luke wrote:
> On Mar 21, 2013, at 6:14 PM, Ryan Schmidt <ryandesign at macports.org> wrote:
>> On Mar 21, 2013, at 11:53, Bradley Giesbrecht wrote:
>>> Compiling and installing mod_hfs_apple.so from here did not work for me:
>>> http://opensource.apple.com/source/apache_mod_hfs_apple/apache_mod_hfs_apple-11/
>>>
>>> However, copying Apples mod_hfs_apple.so from a Mac OS X Server does appear to solve the problem.
>>
>> I'm not surprised, since the vulnerability was reported this year, and the above code was last modified in 2011.
>>
>> https://trac.macports.org/ticket/38452#comment:11
>
>
> Can we maybe find out if a newer version of mod_hfs_apple is in the process of being posted to opensource.apple.com? (and then get a portfile written for it?)
+1
Regards,
Bradley Giesbrecht (pixilla)
More information about the macports-dev
mailing list