From owner-freebsd-ports@FreeBSD.ORG Wed Aug 2 09:27:35 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47BEC16A4DD for ; Wed, 2 Aug 2006 09:27:35 +0000 (UTC) (envelope-from ssedov@mbsd.msk.ru) Received: from com1.ht-systems.ru (com1.ht-systems.ru [83.97.104.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4880543D4C for ; Wed, 2 Aug 2006 09:27:31 +0000 (GMT) (envelope-from ssedov@mbsd.msk.ru) Received: from [217.118.83.1] (helo=fonon.realnet) by com1.ht-systems.ru with esmtpa (Exim 4.62) (envelope-from ) id 1G8D8Y-0002r5-QM for freebsd-ports@freebsd.org; Wed, 02 Aug 2006 13:35:36 +0400 Received: from localhost (localhost [127.0.0.1]) by fonon.realnet (Postfix) with ESMTP id 2642311F64 for ; Wed, 2 Aug 2006 13:27:07 +0400 (MSD) Date: Wed, 2 Aug 2006 13:27:05 +0400 From: Stanislav Sedov To: freebsd-ports@freebsd.org Message-ID: <20060802132705.375bab36@localhost> In-Reply-To: <56729ea90608020217k750a12e3h3f35c8c6caf136cf@mail.gmail.com> References: <56729ea90608020217k750a12e3h3f35c8c6caf136cf@mail.gmail.com> Organization: MBSD labs, Inc. X-Operating-System: FreeBSD X-Mailer: carrier-pigeon Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_TW8HIM.Q99gQebmTceXqm9z; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Spam-Flag: SKIP X-Spam-Yversion: Spamooborona 1.6.0 Subject: Re: awstats-6.5_1,1 is forbidden: Command Injection Vulnerability. X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Aug 2006 09:27:35 -0000 --Sig_TW8HIM.Q99gQebmTceXqm9z Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable On Wed, 2 Aug 2006 17:17:16 +0800 chevy mentioned: > mail# pwd > /usr/ports/www/awstats > mail# make fetch > =3D=3D=3D> awstats-6.5_1,1 is forbidden: Command Injection Vulnerability. > *** Error code 1 >=20 > Stop in /usr/ports/www/awstats. > please fix !! thank you ! >=20 You should for vendor's fix or contact port maintainer - the fix might be already here. Alternately you can comment-out FORBIDDEN line in the port's Makefile and install port anyway if you are understanding what you are doing. --=20 Stanislav Sedov MBSD labs, Inc. =F2=CF=D3=D3=C9=D1, =ED=CF=D3=CB=D7=C1 http://mbsd.msk.ru -------------------------------------------------------------------- If the facts don't fit the theory, change the facts. -- A. Einstein -------------------------------------------------------------------- PGP fingerprint: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581 --Sig_TW8HIM.Q99gQebmTceXqm9z Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFE0G/qK/VZk+smlYERArovAJ9KQZ/qrQuZJjDUpYs62IwjuBwljQCfcHeg WN4uuaF+Gd8Fqoh8q1edBmo= =thCx -----END PGP SIGNATURE----- --Sig_TW8HIM.Q99gQebmTceXqm9z--