macports apache2 CVE-2009-3555?

Todd Fleisher todd at
Tue Nov 17 12:18:13 PST 2009

I'm wondering if the the macports apache2 port has been patched in any way for CVE-2009-3555?

From the Debian security list:
"As a partial mitigation against this attack, this apache2 update
disables client-initiated renegotiations. This should fix the
vulnerability for the majority of Apache configurations in use."


More information about the macports-users mailing list