From owner-freebsd-ports@FreeBSD.ORG  Thu Sep 16 13:59:46 2010
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7C311106566C
	for <freebsd-ports@freebsd.org>; Thu, 16 Sep 2010 13:59:46 +0000 (UTC)
	(envelope-from dan@langille.org)
Received: from nyi.unixathome.org (nyi.unixathome.org [64.147.113.42])
	by mx1.freebsd.org (Postfix) with ESMTP id 507348FC15
	for <freebsd-ports@freebsd.org>; Thu, 16 Sep 2010 13:59:46 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by nyi.unixathome.org (Postfix) with ESMTP id C4E72508AD;
	Thu, 16 Sep 2010 14:59:45 +0100 (BST)
X-Virus-Scanned: amavisd-new at unixathome.org
Received: from nyi.unixathome.org ([127.0.0.1])
	by localhost (nyi.unixathome.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id xwY9njhL8nbL; Thu, 16 Sep 2010 14:59:44 +0100 (BST)
Received: from nyi.unixathome.org (localhost [127.0.0.1])
	by nyi.unixathome.org (Postfix) with ESMTP id 1514B50869;
	Thu, 16 Sep 2010 14:59:44 +0100 (BST)
Received: from 68.64.144.221 (SquirrelMail authenticated user dan)
	by nyi.unixathome.org with HTTP; Thu, 16 Sep 2010 09:59:44 -0400
Message-ID: <afbcc6497518577c28219c95c1e86ab4.squirrel@nyi.unixathome.org>
In-Reply-To: <4C91A6A2.90602@yandex.ru>
References: <4C9176BD.3020903@langille.org> <4C91A6A2.90602@yandex.ru>
Date: Thu, 16 Sep 2010 09:59:44 -0400
From: "Dan Langille" <dan@langille.org>
To: "Ruslan Mahmatkhanov" <cvs-src@yandex.ru>
User-Agent: SquirrelMail/1.4.20-RC2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: Dan Langille <dan@langille.org>, freebsd-ports@freebsd.org
Subject: Re: www/openx vuln
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Sep 2010 13:59:46 -0000


On Thu, September 16, 2010 1:09 am, Ruslan Mahmatkhanov wrote:
> 16.09.2010 05:45, Dan Langille пишет:
>> This came in last night: http://blog.openx.org/09/security-update/
>>
>> Port needs to be upgraded to 2.8.8 and a vuln entry created.... Sorry,
>> bags not me.
>>
>
> Until update is not come up, user can apply this workaround:
>
> echo "RemoveType .php" > www/images/.htaccess

Do you have a reference for this fix? A URL we can refer people to?

-- 
Dan Langille -- http://langille.org/