awstats-6.5_1,1 is forbidden: Command Injection Vulnerability.
chevy
quchifeng at gmail.com
Wed Aug 2 10:46:15 UTC 2006
Thank you very much,
thanks for Stanislav.
On 8/2/06, Babak Farrokhi <babak at farrokhi.net> wrote:
>
> Hi,
>
> Awstats-devel (which has solved this security issue) is in GNATS waiting
> for
> submission (PR ports/100162).
>
> -- Babak Farrokhi
>
> > -----Original Message-----
> > From: owner-freebsd-ports at freebsd.org [mailto:owner-freebsd-
> > ports at freebsd.org] On Behalf Of Stanislav Sedov
> > Sent: Wednesday, August 02, 2006 12:57 PM
> > To: freebsd-ports at freebsd.org
> > Subject: Re: awstats-6.5_1,1 is forbidden: Command Injection
> > Vulnerability.
> >
> > On Wed, 2 Aug 2006 17:17:16 +0800
> > chevy <quchifeng at gmail.com> mentioned:
> >
> > > mail# pwd
> > > /usr/ports/www/awstats
> > > mail# make fetch
> > > ===> awstats-6.5_1,1 is forbidden: Command Injection Vulnerability.
> > > *** Error code 1
> > >
> > > Stop in /usr/ports/www/awstats.
> > > please fix !! thank you !
> > >
> >
> > You should for vendor's fix or contact port maintainer - the fix might
> > be already here.
> >
> > Alternately you can comment-out FORBIDDEN line in the port's Makefile
> > and install port anyway if you are understanding what you are doing.
> >
> > --
> > Stanislav Sedov MBSD labs, Inc. <ssedov at mbsd.msk.ru>
> > Россия, Москва http://mbsd.msk.ru
> >
> > --------------------------------------------------------------------
> > If the facts don't fit the theory, change the facts. -- A. Einstein
> > --------------------------------------------------------------------
> > PGP fingerprint: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581
>
> _______________________________________________
> freebsd-ports at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
>
--
Regards.
Chevy
More information about the freebsd-ports
mailing list