[MacPorts] #38452: Information disclosure vulnerability with apache2 and other web servers

MacPorts noreply at macports.org
Wed Mar 20 14:38:19 PDT 2013


#38452: Information disclosure vulnerability with apache2 and other web servers
-------------------------+--------------------------------
  Reporter:  vikingjs@…  |      Owner:  macports-tickets@…
      Type:  defect      |     Status:  new
  Priority:  High        |  Milestone:
 Component:  ports       |    Version:  2.1.3
Resolution:              |   Keywords:
      Port:  apache2     |
-------------------------+--------------------------------

Comment (by ryandesign@…):

 Replying to [comment:1 dluke@…]:
 > I would be nice to have a macports port of mod_hfs_apple (probably from
 here http://opensource.apple.com/source/apache_mod_hfs_apple/) I'm not
 sure if the latest version there (11) has the fix for CVE-2013-0966,
 though.

 I doubt it since it was last modified in 2011.

 Replying to [comment:10 egall@…]:
 > I agree that Apache should provide a secure web server out of the box
 but I think we should port mod_hfs_apple anyway, regardless of this issue.

 Let's have a separate ticket for that.

-- 
Ticket URL: <https://trac.macports.org/ticket/38452#comment:11>
MacPorts <http://www.macports.org/>
Ports system for OS X


More information about the macports-tickets mailing list