Date: Wed, 15 Nov 2006 15:57:45 +0800 From: LI Xin <delphij@delphij.net> To: "Simon L. Nielsen" <simon@FreeBSD.ORG> Cc: cvs-ports@FreeBSD.ORG, Xin LI <delphij@FreeBSD.ORG>, cvs-all@FreeBSD.ORG, ports-committers@FreeBSD.ORG Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <455AC879.1040505@delphij.net> In-Reply-To: <20061114171000.GA1014@zaphod.nitro.dk> References: <200611141657.kAEGvI60088666@repoman.freebsd.org> <20061114171000.GA1014@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Simon L. Nielsen wrote: > On 2006.11.14 16:57:17 +0000, Xin LI wrote: >> delphij 2006-11-14 16:57:17 UTC >> >> FreeBSD ports repository >> >> Modified files: >> security/vuxml vuln.xml >> Log: >> The Command Injection Vulnerability was corrected by awstats 6.5_2,1. >> >> Submitted by: Alex Samorukov >> PR: ports/105233 > > Have you checked that the issues have really been fixed? I believe that the problem documented as 2df297a2-dc74-11da-a22b-000c6ec775d9 is fixed, and the patch provided in the ports tree should have fixed Hole #2 and #3 listed on the official site, where hole #3 is beyond the scope of 2df297a2-dc74-11da-a22b-000c6ec775d9. Cheers, -- Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFWsh5OfuToMruuMARAxP2AJ0XJOpcIjOxd4lPFUBFSwx3qubX5wCfUGb2 0sz31RZsB14BY0xWP4qc6iA= =cZl+ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?455AC879.1040505>