awstats-6.5_1,1 is forbidden: Command Injection Vulnerability.
Babak Farrokhi
babak at farrokhi.net
Wed Aug 2 10:16:08 UTC 2006
Hi,
Awstats-devel (which has solved this security issue) is in GNATS waiting for
submission (PR ports/100162).
-- Babak Farrokhi
> -----Original Message-----
> From: owner-freebsd-ports at freebsd.org [mailto:owner-freebsd-
> ports at freebsd.org] On Behalf Of Stanislav Sedov
> Sent: Wednesday, August 02, 2006 12:57 PM
> To: freebsd-ports at freebsd.org
> Subject: Re: awstats-6.5_1,1 is forbidden: Command Injection
> Vulnerability.
>
> On Wed, 2 Aug 2006 17:17:16 +0800
> chevy <quchifeng at gmail.com> mentioned:
>
> > mail# pwd
> > /usr/ports/www/awstats
> > mail# make fetch
> > ===> awstats-6.5_1,1 is forbidden: Command Injection Vulnerability.
> > *** Error code 1
> >
> > Stop in /usr/ports/www/awstats.
> > please fix !! thank you !
> >
>
> You should for vendor's fix or contact port maintainer - the fix might
> be already here.
>
> Alternately you can comment-out FORBIDDEN line in the port's Makefile
> and install port anyway if you are understanding what you are doing.
>
> --
> Stanislav Sedov MBSD labs, Inc. <ssedov at mbsd.msk.ru>
> Россия, Москва http://mbsd.msk.ru
>
> --------------------------------------------------------------------
> If the facts don't fit the theory, change the facts. -- A. Einstein
> --------------------------------------------------------------------
> PGP fingerprint: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581
More information about the freebsd-ports
mailing list