Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 15 Nov 2006 15:57:45 +0800
From:      LI Xin <delphij@delphij.net>
To:        "Simon L. Nielsen" <simon@FreeBSD.ORG>
Cc:        cvs-ports@FreeBSD.ORG, Xin LI <delphij@FreeBSD.ORG>, cvs-all@FreeBSD.ORG, ports-committers@FreeBSD.ORG
Subject:   Re: cvs commit: ports/security/vuxml vuln.xml
Message-ID:  <455AC879.1040505@delphij.net>
In-Reply-To: <20061114171000.GA1014@zaphod.nitro.dk>
References:  <200611141657.kAEGvI60088666@repoman.freebsd.org> <20061114171000.GA1014@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig0FAAB35255DFEF84B725EF17
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Simon L. Nielsen wrote:
> On 2006.11.14 16:57:17 +0000, Xin LI wrote:
>> delphij     2006-11-14 16:57:17 UTC
>>
>>   FreeBSD ports repository
>>
>>   Modified files:
>>     security/vuxml       vuln.xml=20
>>   Log:
>>   The Command Injection Vulnerability was corrected by awstats 6.5_2,1=
=2E
>>  =20
>>   Submitted by:   Alex Samorukov
>>   PR:             ports/105233
>=20
> Have you checked that the issues have really been fixed?

I believe that the problem documented as
2df297a2-dc74-11da-a22b-000c6ec775d9 is fixed, and the patch provided in
the ports tree should have fixed Hole #2 and #3 listed on the official
site, where hole #3 is beyond the scope of
2df297a2-dc74-11da-a22b-000c6ec775d9.

Cheers,
--=20
Xin LI <delphij@delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!


--------------enig0FAAB35255DFEF84B725EF17
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFWsh5OfuToMruuMARAxP2AJ0XJOpcIjOxd4lPFUBFSwx3qubX5wCfUGb2
0sz31RZsB14BY0xWP4qc6iA=
=cZl+
-----END PGP SIGNATURE-----

--------------enig0FAAB35255DFEF84B725EF17--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?455AC879.1040505>