Date: Thu, 29 Mar 2012 23:40:41 GMT From: Efren Yevale <syavne@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/166506: prewikka bug using [auth cgi] Message-ID: <201203292340.q2TNefho072059@red.freebsd.org> Resent-Message-ID: <201203292350.q2TNo98U057821@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 166506 >Category: i386 >Synopsis: prewikka bug using [auth cgi] >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 29 23:50:08 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Efren Yevale >Release: 9.0 >Organization: Personal >Environment: FreeBSD dtimonitor 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:15:25 UTC 2012 root@obrian.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 >Description: There is an exception with CGI Authentication and it is documented in the following link: http://permalink.gmane.org/gmane.comp.security.ids.prelude.cvs/8883 >How-To-Repeat: Just install prewikka: cd /usr/ports/www/py-prewikka make install clean And edit the configuration file to rely on webserver for user authentication removing the comment from the following line: # [auth cgi] >Fix: The patch is in the following link, it works: http://permalink.gmane.org/gmane.comp.security.ids.prelude.cvs/8883 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203292340.q2TNefho072059>