Date: Sat, 03 Jan 2015 08:21:30 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 196458] spampd and perl5.18 Message-ID: <bug-196458-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196458 Bug ID: 196458 Summary: spampd and perl5.18 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: vfx9as@gmail.com Error log Insecure dependency in open while running with -T switch at /usr/local/lib/perl5/site_perl/Net/Server/Daemonize.pm line 75. at line 179 in file /usr/local/lib/perl5/site_perl/Net/Server.pm patch --- spampd.org 2015-01-03 16:30:31.000000000 +0900 +++ spampd 2015-01-03 17:17:23.000000000 +0900 @@ -819,6 +819,22 @@ usage(0) if $options{help}; +# Untaint some options provided by admin command line. +$pidfile =~ /^(.*)$/; +$pidfile = $1; + +$relayhost =~ /^(.*)$/; +$relayhost = $1; + +$relayport =~ /^(.*)$/; +$relayport = $1; + +$host =~ /^(.*)$/; +$host = $1; + +$port =~ /^(.*)$/; +$port = $1; + if ( $logsock !~ /^(unix|inet)$/ ) { print "--logsock parameter needs to be either unix or inet\n\n"; usage(0); -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-196458-13>