Bug 97364 - [update] www/awstats to 6.6
Summary: [update] www/awstats to 6.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Michael Landin
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-05-16 21:10 UTC by Greg Armer
Modified: 2006-06-02 16:36 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Greg Armer 2006-05-16 21:10:12 UTC
	Update released by AWStats fixing current command injection vulnerability.

	http://awstats.sourceforge.net/awstats_security_news.php

Fix: 

Update Port. Thanks.
Comment 1 Edwin Groothuis freebsd_committer 2006-05-16 21:12:16 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 2 takefu 2006-05-22 03:29:30 UTC
>Submitter-Id:  current-users
>Originator:    Takefu Kenji
>Organization:
>Confidential:  no
>Synopsis:      [PATCH] www/awstats: update to 6.6
>Severity:      non-critical
>Priority:      low
>Category:      ports
>Class:         update
>Release:       FreeBSD 6.1-RELEASE i386
>Environment:
System: FreeBSD portstest 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Thu May 11 10:13:37 JST 2006
>Description:
- Update to 6.6

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- awstats-6.6.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/www/awstats/Makefile /usr/ports/www/awstats66/Makefile
--- /usr/ports/www/awstats/Makefile     Wed May 10 09:37:38 2006
+++ /usr/ports/www/awstats66/Makefile   Fri May 19 16:59:16 2006
@@ -6,16 +6,17 @@
 #

 PORTNAME=      awstats
-PORTVERSION=   6.5
-PORTREVISION=  1
+PORTVERSION=   6.6
 CATEGORIES=    www
-MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE}
+MASTER_SITES=  http://awstats.sourceforge.net/files/ \
+               ${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=    ${PORTNAME}

 MAINTAINER=    webmaster@shopcusa.com
 COMMENT=       Free real-time logfile analyzer to get advanced web statistics

-FORBIDDEN=     Command Injection Vulnerability

 RUN_DEPENDS=   ${SITE_PERL}/Net/XWhois.pm:${PORTSDIR}/net/p5-Net-XWhois

@@ -73,7 +74,7 @@
        ${INSTALL_SCRIPT} ${WRKSRC}/tools/logresolvemerge.pl ${PREFIX}/www/awstats/tools
        ${INSTALL_SCRIPT} ${WRKSRC}/tools/maillogconvert.pl ${PREFIX}/www/awstats/tools
        ${INSTALL_SCRIPT} ${WRKSRC}/tools/urlaliasbuilder.pl ${PREFIX}/www/awstats/tools
-       ${INSTALL_SCRIPT} ${WRKSRC}/tools/webmin/awstats-1.6.wbm ${PREFIX}/www/awstats/tools/webmin
+       ${INSTALL_SCRIPT} ${WRKSRC}/tools/webmin/awstats-1.7.wbm ${PREFIX}/www/awstats/tools/webmin
        ${INSTALL_SCRIPT} ${WRKSRC}/wwwroot/cgi-bin/awredir.pl ${PREFIX}/www/awstats/cgi-bin
        ${INSTALL_DATA} ${WRKSRC}/wwwroot/cgi-bin/awstats.model.conf ${PREFIX}/www/awstats/cgi-bin
        ${INSTALL_SCRIPT} ${WRKSRC}/wwwroot/cgi-bin/awstats.pl ${PREFIX}/www/awstats/cgi-bin
diff -ruN --exclude=CVS /usr/ports/www/awstats/distinfo /usr/ports/www/awstats66/distinfo
--- /usr/ports/www/awstats/distinfo     Tue Feb  7 10:31:19 2006
+++ /usr/ports/www/awstats66/distinfo   Fri May 19 16:52:44 2006
@@ -1,3 +1,3 @@
-MD5 (awstats-6.5.tar.gz) = aef00b2ff5c5413bd2a868299cabd69a
-SHA256 (awstats-6.5.tar.gz) = 08a63a30c5be698a164c957b3d68e8bacafc0c86ab72458382584d9f8b45bd2c
-SIZE (awstats-6.5.tar.gz) = 1051780
+MD5 (awstats-6.6.tar.gz) = c9b65c5a58011fdb4ec611feec17eee4
+SHA256 (awstats-6.6.tar.gz) = 34776a2f487049e2909a399fb03b79ca10e720623fc24ec9051904315efad8ca
+SIZE (awstats-6.6.tar.gz) = 1059148
diff -ruN --exclude=CVS /usr/ports/www/awstats/pkg-plist /usr/ports/www/awstats66/pkg-plist
--- /usr/ports/www/awstats/pkg-plist    Thu Feb 23 11:11:29 2006
+++ /usr/ports/www/awstats66/pkg-plist  Fri May 19 17:15:20 2006
@@ -650,7 +650,7 @@
 www/awstats/tools/logresolvemerge.pl
 www/awstats/tools/maillogconvert.pl
 www/awstats/tools/urlaliasbuilder.pl
-www/awstats/tools/webmin/awstats-1.6.wbm
+www/awstats/tools/webmin/awstats-1.7.wbm
 @dirrm www/awstats/tools/webmin
 @dirrm www/awstats/tools
 @dirrm www/awstats/js
--- awstats-6.6.patch ends here ---
Comment 3 Matthew Seaman 2006-06-02 12:58:09 UTC
Edwin Groothuis wrote:
> Synopsis: [update] www/awstats to 6.6
> 
> State-Changed-From-To: open->feedback
> State-Changed-By: edwin
> State-Changed-When: Tue May 16 20:12:16 UTC 2006
> State-Changed-Why: 
> Awaiting maintainers feedback
> 
> http://www.freebsd.org/cgi/query-pr.cgi?pr=97364
> _______________________________________________
> freebsd-ports-bugs@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs
> To unsubscribe, send any mail to "freebsd-ports-bugs-unsubscribe@freebsd.org"


Given the nature of the security vulnerability in awstats-6.5 can I petition
for this to be considered a Maintainer Timeout and to have this update committed
please?  It's been more than the two weeks prescribed in the Porter's Handbook.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       Flat 3
                                                      7 Priory Courtyard
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW, UK
Comment 4 Michael Landin freebsd_committer 2006-06-02 14:04:30 UTC
Responsible Changed
From-To: freebsd-ports-bugs->mich

Grab!
Comment 5 Michael Landin freebsd_committer 2006-06-02 16:36:39 UTC
State Changed
From-To: feedback->closed

Committed, thanks !