commit 9e2a7d88fb2def5cf9960a433f482ddc49a4f970
Author: Florin Braescu <florin at lunar-linux.org>
Date: Sat Jan 19 12:09:44 2008 +0200
apache: version bumped to 1.3.41.
This version of Apache is a security fix release only.
CVE-2007-6388: mod_status: Ensure refresh parameter is numeric to
prevent a possible XSS attack caused by redirecting to other URLs.
CVE-2007-5000: mod_imap: Fix cross-site scripting issue.
CVE-2007-3847: mod_proxy: Prevent reading past the end of a buffer
when parsing date-related headers. PR 41144. With Apache 1.3, the
denial of service vulnerability applies only to the Windows and
NetWare platforms.
Please note that ability to exploit this issue is dependent on
running untrusted 3rd party modules or untrusted server-side code.
---
web/apache/DETAILS | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/web/apache/DETAILS b/web/apache/DETAILS
index c48ae0c..0a5d889 100644
--- a/web/apache/DETAILS
+++ b/web/apache/DETAILS
@@ -1,12 +1,12 @@
MODULE=apache
- VERSION=1.3.39
+ VERSION=1.3.41
SOURCE=${MODULE}_$VERSION.tar.gz
SOURCE_DIRECTORY=$BUILD_DIRECTORY/${MODULE}_$VERSION
SOURCE_URL=http://www.apache.org/dist/httpd/
- SOURCE_VFY=sha1:004a6358129d2e839dfe35e1fcf2f1aff5cb24ed
+ SOURCE_VFY=sha1:3bbd4c4bc648e6ad5b696bb83420533f4d23daf8
WEB_SITE=http://www.apache.org
ENTERED=20010922
- UPDATED=20070907
+ UPDATED=20080119
SHORT="A popular HTTP server"
cat << EOF