Awstats 5.5 is known have a command injection vulnerability. I backported fix for this problems from cvs version and put it as patch file. I`m sure that this fix security problems with awstats so port can be unbroken. Also i decided to maintain this port, because i`m using awstats and can support it.
thierry 2006-11-02 09:22:26 UTC FreeBSD ports repository Modified files: www/awstats Makefile Added files: www/awstats/files patch-awstats.pl-security Log: - Fix patch-awstats.pl-security.orig; - Take maintainership. PR: ports/104784 Submitted by: Alex Samorukov <samm (at) os2.kiev.ua> Security: VuXML ID e86fbb5f-0d04-11da-bc08-0001020eed82 Revision Changes Path 1.35 +2 -6 ports/www/awstats/Makefile 1.1 +91 -0 ports/www/awstats/files/patch-awstats.pl-security (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed, thanks!