CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2017/07/14 12:31:32
Modified files:
www/apache-httpd: Tag: OPENBSD_6_1 Makefile distinfo
www/apache-httpd/patches: Tag: OPENBSD_6_1 patch-configure
patch-docs_man_httpd_8
www/apache-httpd/pkg: Tag: OPENBSD_6_1 PLIST-main
Log message:
MFC security update to Apache httpd-2.4.27
fixed in 2.4.26:
ap_get_basic_auth_pw() Authentication Bypass CVE-2017-3167
mod_ssl Null Pointer Dereference CVE-2017-3169
mod_http2 Null Pointer Dereference CVE-2017-7659
ap_find_token() Buffer Overread CVE-2017-7668
mod_mime Buffer Overread CVE-2017-7679
fixed in 2.4.27:
Read after free in mod_http2 CVE-2017-9789
Uninitialized memory reflection in mod_auth_digest CVE-2017-9788
