robert delius royar <[EMAIL PROTECTED]> on Sunday, April 29, 2007 at 7:58 AM -0800 wrote: >% port info mod_perl >mod_perl 1.29, Revision 2, www/mod_perl (Variants: universal, darwin_6) >http://perl.apache.org/ > >{Embeds a Perl interpreter in the Apache 1.3 server} > >Library Dependencies: perl5.8, apache >Platforms: darwin freebsd >Maintainers: [EMAIL PROTECTED] > >Note that mod_perl 1.29 is susceptable to a moderately critical DoS >attack as is mod_perl 2.0.2. See >http://search.cpan.org/~gozer/mod_perl-1.30/Changes >SECURITY: CVE-2007-1349 (cve.mitre.org) fix unescaped variable >interpolation in Apache::PerlRun regular expression to prevent regex >engine tampering. reported by Alex Solovey [Randal L. Schwartz ><[EMAIL PROTECTED]>, Fred Moyer <[EMAIL PROTECTED]>] > >Both have been upgraded to versions greater than are found in macports. >The upgrade from MP 1.29 to 1.30 is trivial--requiring a checksum change >and the version change.
I just upgraded them to 1.30 and 2.0.3. They had outstanding tickets that I closed also so the maintainer is not listening anymore. Mark _______________________________________________ macports-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo/macports-users
