[MacPorts] #14140: UPDATE: apache 1.3.37 to 1.3.41
MacPorts
trac at macosforge.org
Sat Feb 2 05:42:46 PST 2008
#14140: UPDATE: apache 1.3.37 to 1.3.41
-------------------------------+--------------------------------------------
Reporter: ebgssth at gmail.com | Owner: macports-tickets at lists.macosforge.org
Type: defect | Status: new
Priority: Normal | Milestone: Port Updates
Component: ports | Version: 1.6.0
Keywords: apache |
-------------------------------+--------------------------------------------
MacPorts provides the latest apache2, but
apache1 is a bit dated (1.3.37)
Unfortunately, 1.3.37 has a minor security flaw.
''
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP
Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through
1.3.39, when the server-status page is enabled, allows remote attackers to
inject arbitrary web script or HTML via unspecified vectors.''
http://secunia.com/cve_reference/CVE-2007-6388/
Please upgrade apache to the latest 1.3.41
--
Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/14140>
MacPorts </projects/macports>
Ports system for Mac OS
More information about the macports-tickets
mailing list