Bug 104784 - www/awstats - fix for the security problems
Summary: www/awstats - fix for the security problems
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-10-25 07:30 UTC by Oleksii Samorukov
Modified: 2006-11-02 09:30 UTC (History)
1 user (show)

See Also:


Attachments
file.diff (7.32 KB, patch)
2006-10-25 07:30 UTC, Oleksii Samorukov
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Oleksii Samorukov freebsd_committer freebsd_triage 2006-10-25 07:30:19 UTC

Awstats 5.5 is known have a command injection vulnerability. I backported fix for this problems from cvs version and put it as patch file. I`m sure that this fix security problems with awstats so port can be unbroken. Also i decided to maintain this port, because i`m using awstats and can support it.
Comment 1 dfilter service freebsd_committer freebsd_triage 2006-11-02 09:22:32 UTC
thierry     2006-11-02 09:22:26 UTC

  FreeBSD ports repository

  Modified files:
    www/awstats          Makefile 
  Added files:
    www/awstats/files    patch-awstats.pl-security 
  Log:
  - Fix patch-awstats.pl-security.orig;
  
  - Take maintainership.
  
  PR:             ports/104784
  Submitted by:   Alex Samorukov <samm (at) os2.kiev.ua>
  Security:       VuXML ID e86fbb5f-0d04-11da-bc08-0001020eed82
  
  Revision  Changes    Path
  1.35      +2 -6      ports/www/awstats/Makefile
  1.1       +91 -0     ports/www/awstats/files/patch-awstats.pl-security (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 2 Thierry Thomas freebsd_committer freebsd_triage 2006-11-02 09:23:02 UTC
State Changed
From-To: open->closed


Committed, thanks!