Simon L. Nielsen wrote: > On 2006.11.14 16:57:17 +0000, Xin LI wrote: >> delphij 2006-11-14 16:57:17 UTC >> >> FreeBSD ports repository >> >> Modified files: >> security/vuxml vuln.xml >> Log: >> The Command Injection Vulnerability was corrected by awstats 6.5_2,1. >> >> Submitted by: Alex Samorukov >> PR: ports/105233 > > Have you checked that the issues have really been fixed?
I believe that the problem documented as 2df297a2-dc74-11da-a22b-000c6ec775d9 is fixed, and the patch provided in the ports tree should have fixed Hole #2 and #3 listed on the official site, where hole #3 is beyond the scope of 2df297a2-dc74-11da-a22b-000c6ec775d9. Cheers, -- Xin LI <[EMAIL PROTECTED]> http://www.delphij.net/ FreeBSD - The Power to Serve!
signature.asc
Description: OpenPGP digital signature
