www/openx: CVE-2013-7149 no patch available?
arcade at b1t.name
Thu May 15 13:11:11 UTC 2014
07.05.2014 11:56, Alan Hicks wrote:
> On 06/05/2014 20:26, Volodymyr Kostyrko wrote:
>> Hi all.
>> In case anyone is still using www/openx.
>> Does anyone know about any patches for this issue? Had anyone patched
>> openx by himself?
> The project has moved to https://github.com/revive-adserver
> Although I have patched my copy of OpenX for both the vulnerability and
> PostgreSQL support, there was no interest from the people at
> revive-adserver, though they have since patched the vulnerability.
> Having almost completed the removal of OpenX from my servers there is
> little interest in supporting it. Original patch attached for reference.
Thanks, I'll try to move to revive-adserver. Already filed a PR with a
Sphinx of black quartz, judge my vow.
More information about the freebsd-ports