CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2019/08/19 09:21:34
Modified files:
www/apache-httpd: Tag: OPENBSD_6_5 Makefile distinfo
www/apache-httpd/patches: Tag: OPENBSD_6_5 patch-Makefile_in
patch-config_layout patch-configure
patch-docs_conf_httpd_conf_in
patch-docs_man_htpasswd_1
patch-docs_man_httpd_8
patch-modules_ssl_ssl_engine_init_c
patch-modules_ssl_ssl_private_h
patch-server_mpm_unix_c
patch-support_apachectl_in
patch-support_apxs_in
patch-support_rotatelogs_c
www/apache-httpd/pkg: Tag: OPENBSD_6_5 PLIST
Log message:
MFC update to apache-httpd 2.4.41;
CVE-2019-10081: mod_http2, memory corruption on early pushes
CVE-2019-10082: mod_http2, read-after-free in h2 connection shutdown
CVE-2019-10092: Limited cross-site scripting in mod_proxy
CVE-2019-10097: mod_remoteip stack buffer overflow and NULL pointer dereference
CVE-2019-10098: mod_rewrite configurations vulnerable to open redirect
CVE-2019-9517: mod_http2, DoS attack by exhausting h2 workers
