Subject: CVS commit: [pkgsrc-2004Q3] pkgsrc
To: None <pkgsrc-changes@NetBSD.org>
From: Alistair G. Crooks <agc@netbsd.org>
List: pkgsrc-changes
Date: 10/24/2004 11:52:09
Module Name: pkgsrc
Committed By: agc
Date: Sun Oct 24 11:52:09 UTC 2004
Modified Files:
pkgsrc/doc [pkgsrc-2004Q3]: CHANGES-pkgsrc-2004Q3
pkgsrc/www/ap-ssl [pkgsrc-2004Q3]: Makefile distinfo
Log Message:
Security Pullup - requested by Matthias Scheler
security fix for ap-ssl
Modified Files:
pkgsrc/www/ap-ssl: Makefile distinfo
Log Message:
Update "ap-ssl" package to version 2.8.20. Changes since version 2.8.19:
- With OpenSSL 0.9.7, prevent session resumption during a
renegotiation to force the client to negotiate a new (and
acceptable to mod_ssl) cipher suite. Additionally, ensure
that a correct cipher suite has been negotiated afterwards
(CAN-2004-0885).
- Fixed more printf(3) style format string bugs (not security
related) which could crash the server if mod_ssl's trace
or debug log level is enabled.
To generate a diff of this commit:
cvs rdiff -r1.83 -r1.84 pkgsrc/www/ap-ssl/Makefile
cvs rdiff -r1.22 -r1.23 pkgsrc/www/ap-ssl/distinfo
To generate a diff of this commit:
cvs rdiff -r1.1.2.9 -r1.1.2.10 pkgsrc/doc/CHANGES-pkgsrc-2004Q3
cvs rdiff -r1.82 -r1.82.2.1 pkgsrc/www/ap-ssl/Makefile
cvs rdiff -r1.22 -r1.22.2.1 pkgsrc/www/ap-ssl/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.