Florian Smeets abbf32d4b2 - Update backports patch to 20121114 ... - Bump PORTREVISION Changes: - CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions for strlen(filename) != filename_len - CVE-2012-4388 The sapi_header_op function in main/SAPI.c does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, this vulnerability exists because of an incorrect fix for CVE-2011-1398. - Timezone database updated to version 2012.9 (2012i) PR: ports/173685 Submitted by: Svyatoslav Lempert <svyatoslav.lempert@gmail.com> Approved by: maintainer Feature safe: yes		2012-11-25 15:42:22 +00:00
..
files
distinfo	Update the distinfo as upstream has changed.	2012-10-15 22:31:39 +00:00
Makefile	- update apache22 to version 2.22.23	2012-11-02 18:45:31 +00:00
pkg-descr
pkg-plist
vuln.xml	- Update backports patch to 20121114	2012-11-25 15:42:22 +00:00