Bug 104784 - www/awstats - fix for the security problems
Summary: www/awstats - fix for the security problems
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Depends on:
Reported: 2006-10-25 07:30 UTC by Oleksii Samorukov
Modified: 2006-11-02 09:30 UTC (History)
1 user (show)

See Also:

file.diff (7.32 KB, patch)
2006-10-25 07:30 UTC, Oleksii Samorukov
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Oleksii Samorukov freebsd_committer 2006-10-25 07:30:19 UTC

Awstats 5.5 is known have a command injection vulnerability. I backported fix for this problems from cvs version and put it as patch file. I`m sure that this fix security problems with awstats so port can be unbroken. Also i decided to maintain this port, because i`m using awstats and can support it.
Comment 1 dfilter service freebsd_committer 2006-11-02 09:22:32 UTC
thierry     2006-11-02 09:22:26 UTC

  FreeBSD ports repository

  Modified files:
    www/awstats          Makefile 
  Added files:
    www/awstats/files    patch-awstats.pl-security 
  - Fix patch-awstats.pl-security.orig;
  - Take maintainership.
  PR:             ports/104784
  Submitted by:   Alex Samorukov <samm (at) os2.kiev.ua>
  Security:       VuXML ID e86fbb5f-0d04-11da-bc08-0001020eed82
  Revision  Changes    Path
  1.35      +2 -6      ports/www/awstats/Makefile
  1.1       +91 -0     ports/www/awstats/files/patch-awstats.pl-security (new)
cvs-all@freebsd.org mailing list
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 2 Thierry Thomas freebsd_committer 2006-11-02 09:23:02 UTC
State Changed
From-To: open->closed

Committed, thanks!