[MacPorts] #14140: UPDATE: apache 1.3.37 to 1.3.41

MacPorts trac at macosforge.org
Sat Feb 2 05:42:46 PST 2008


#14140: UPDATE: apache 1.3.37 to 1.3.41
-------------------------------+--------------------------------------------
 Reporter:  ebgssth at gmail.com  |       Owner:  macports-tickets at lists.macosforge.org
     Type:  defect             |      Status:  new                                  
 Priority:  Normal             |   Milestone:  Port Updates                         
Component:  ports              |     Version:  1.6.0                                
 Keywords:  apache             |  
-------------------------------+--------------------------------------------
 MacPorts provides the latest apache2, but
 apache1 is a bit dated (1.3.37)
 Unfortunately, 1.3.37 has a minor security flaw.

 ''
  Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP
 Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through
 1.3.39, when the server-status page is enabled, allows remote attackers to
 inject arbitrary web script or HTML via unspecified vectors.''
 http://secunia.com/cve_reference/CVE-2007-6388/

 Please upgrade apache to the latest 1.3.41

-- 
Ticket URL: <http://trac.macosforge.org/projects/macports/ticket/14140>
MacPorts </projects/macports>
Ports system for Mac OS


More information about the macports-tickets mailing list