From owner-freebsd-questions@FreeBSD.ORG  Wed Mar  3 08:42:09 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id B6D8A16A4CE; Wed,  3 Mar 2004 08:42:09 -0800 (PST)
Received: from mailout1.informatik.tu-muenchen.de
	(mailout1.informatik.tu-muenchen.de [131.159.0.18])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 296B443D2F; Wed,  3 Mar 2004 08:42:09 -0800 (PST)
	(envelope-from barner@in.tum.de)
Received: by zi025.glhnet.mhn.de (Postfix, from userid 1000)
	id 66D0C5627; Wed,  3 Mar 2004 17:41:32 +0100 (CET)
Date: Wed, 3 Mar 2004 17:41:32 +0100
From: Simon Barner <barner@in.tum.de>
To: ports@FreeBSD.org
Message-ID: <20040303164132.GC427@zi025.glhnet.mhn.de>
References: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph>
	<40460606.6000805@fillmore-labs.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="lMM8JwqTlfDpEaS6"
Content-Disposition: inline
In-Reply-To: <40460606.6000805@fillmore-labs.com>
User-Agent: Mutt/1.5.5.1i
X-Virus-Scanned: by amavisd-new at informatik.tu-muenchen.de
cc: rfa@msumain.edu.ph
cc: freebsd-questions@FreeBSD.org
Subject: Re: phpnuke forbidden, how to install?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2004 16:42:09 -0000


--lMM8JwqTlfDpEaS6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Oliver Eikemeier wrote:
> rfa@msumain.edu.ph wrote:
>=20
> >i wanted to install phpnuke for content but after cvsuping i found out t=
hat
> >
> >=3D=3D=3D>  phpnuke-6.9 is forbidden: SQL injection vulnerability in Php=
-Nuke <=3D
> >7.1.0.
> >
> >and i checked the phpnuke website, they have a patched version of phpnuk=
e.
>=20
> Where did you find that? I can't even find a security link.
>=20

He probably refers to the following two fixes from 2003 (from which I
produced my bad patch :((

http://www.phpnuke.org/modules.php?name=3DDownloads&d_op=3Dsearch&query=3Ds=
ecurity

Security Fixes for PHP-Nuke 6.0 (1+2).

Simon

--lMM8JwqTlfDpEaS6
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFARgq7Ckn+/eutqCoRAlKIAJ9PzSkiGHGqmz9JrufG2o3v2lxxuwCeOEx5
W7Dl732AUbqJDTZ5N+ZnT84=
=iON4
-----END PGP SIGNATURE-----

--lMM8JwqTlfDpEaS6--