From owner-freebsd-questions@FreeBSD.ORG  Wed Mar  3 07:28:28 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 93F2716A4CE; Wed,  3 Mar 2004 07:28:28 -0800 (PST)
Received: from mailout1.informatik.tu-muenchen.de
	(mailout1.informatik.tu-muenchen.de [131.159.0.18])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 04EA343D2F; Wed,  3 Mar 2004 07:28:28 -0800 (PST)
	(envelope-from barner@in.tum.de)
Received: by zi025.glhnet.mhn.de (Postfix, from userid 1000)
	id E835455B4; Wed,  3 Mar 2004 16:28:25 +0100 (CET)
Date: Wed, 3 Mar 2004 16:28:25 +0100
From: Simon Barner <barner@in.tum.de>
To: rfa@msumain.edu.ph
Message-ID: <20040303152825.GA427@zi025.glhnet.mhn.de>
References: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l"
Content-Disposition: inline
In-Reply-To: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph>
User-Agent: Mutt/1.5.5.1i
X-Virus-Scanned: by amavisd-new at informatik.tu-muenchen.de
cc: ports@FreeBSD.org
cc: freebsd-questions@freebsd.org
Subject: Re: phpnuke forbidden, how to install?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2004 15:28:28 -0000


--XsQoSWH+UP9D9v3l
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

rfa@msumain.edu.ph wrote:
> i wanted to install phpnuke for content but after cvsuping i found out th=
at
>=20
> =3D=3D=3D>  phpnuke-6.9 is forbidden: SQL injection vulnerability in Php-=
Nuke <=3D
> 7.1.0.

Hi,

I have created a patch that contains the security fixes from the web
site.

It's available here:

http://home.leo.org/~barner/phpnuke-sec-fixes.patch.bz2

Could you please test whether phpnuke works as exspected after applying
the patch?

 cd /usr/ports/www
 cat /path/to/phpnuke-sec-fixes.patch.bz2 | bunzip2 | patch -p
 cd phpnuke
 find . -name "*.orig" -exec rm {} \;
 make build

If your tests are successfull, I will file a PR in order to the the port
updated.

Simon

--XsQoSWH+UP9D9v3l
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFARfmZCkn+/eutqCoRAl40AKDHGSINJugCsqSDY8Mtcge4VPOiWwCgqM3w
AJ3Z3NLGPkE4vJ7vrl//clk=
=BJqi
-----END PGP SIGNATURE-----

--XsQoSWH+UP9D9v3l--