summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuca Longinotti <chtekk@gentoo.org>2006-05-30 15:17:33 +0000
committerLuca Longinotti <chtekk@gentoo.org>2006-05-30 15:17:33 +0000
commitbcd5c19be1601f4c25c86e8b79763ab34dae4d0b (patch)
tree8712cae069aebc060128753c64691ad6f3272328 /net-www
parentFix security bug. (diff)
downloadhistorical-bcd5c19be1601f4c25c86e8b79763ab34dae4d0b.tar.gz
historical-bcd5c19be1601f4c25c86e8b79763ab34dae4d0b.tar.bz2
historical-bcd5c19be1601f4c25c86e8b79763ab34dae4d0b.zip
Fix security bug.
Package-Manager: portage-2.1_rc1-r3
Diffstat (limited to 'net-www')
-rw-r--r--net-www/awstats/Manifest58
-rw-r--r--net-www/awstats/awstats-6.3-r2.ebuild134
-rw-r--r--net-www/awstats/files/awstats-6.3-CAN-2005-0363.diff20
-rw-r--r--net-www/awstats/files/digest-awstats-6.3-r22
4 files changed, 23 insertions, 191 deletions
diff --git a/net-www/awstats/Manifest b/net-www/awstats/Manifest
index 5050117b1338..c23fef3c9050 100644
--- a/net-www/awstats/Manifest
+++ b/net-www/awstats/Manifest
@@ -1,63 +1,51 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-AUX awstats-6.3-CAN-2005-0363.diff 1243 RMD160 8ef54cd0de5368d41036f35b66124d68da0027b5 SHA1 6a621ae5755c60cdc9ca621c29b523f56520c4a7 SHA256 98ef23635eda95886ef00202d4f882acd505dc6d7560b9b8366e40eb12b8bec3 size 1243
-MD5 8f8b0ad336b5066db17452db770ed878 files/awstats-6.3-CAN-2005-0363.diff 1243
-RMD160 8ef54cd0de5368d41036f35b66124d68da0027b5 files/awstats-6.3-CAN-2005-0363.diff 1243
-SHA256 98ef23635eda95886ef00202d4f882acd505dc6d7560b9b8366e40eb12b8bec3 files/awstats-6.3-CAN-2005-0363.diff 1243
AUX awstats-6.3-gentoo.diff 1219 RMD160 8c6ea2a093c231043674f8f14bc4332cfeeee930 SHA1 8a1971c0e710cec05004a7e94461f83f77b2fd1a SHA256 0de073550f021a93d883c307f999b4b6ead1abf3a587118e2e01578907d15814 size 1219
MD5 7a52d3f65ff7220a519056716d460ecd files/awstats-6.3-gentoo.diff 1219
RMD160 8c6ea2a093c231043674f8f14bc4332cfeeee930 files/awstats-6.3-gentoo.diff 1219
SHA256 0de073550f021a93d883c307f999b4b6ead1abf3a587118e2e01578907d15814 files/awstats-6.3-gentoo.diff 1219
+AUX awstats-6.5-CVE-2006-2237-CVE-2006-1945.diff 5768 RMD160 caabac08750825dc78c74a2977aa13673d17b691 SHA1 ed5e5cd94c8aa75335e8eb408c8dc4be0e57ae3e SHA256 5e05aa52338a56068f781c695b3d40c85853a44ef60f2f895f680103a31e26a6 size 5768
+MD5 0adb6df6c9805ff727f95e68b9ecb35f files/awstats-6.5-CVE-2006-2237-CVE-2006-1945.diff 5768
+RMD160 caabac08750825dc78c74a2977aa13673d17b691 files/awstats-6.5-CVE-2006-2237-CVE-2006-1945.diff 5768
+SHA256 5e05aa52338a56068f781c695b3d40c85853a44ef60f2f895f680103a31e26a6 files/awstats-6.5-CVE-2006-2237-CVE-2006-1945.diff 5768
AUX postinst-en.txt 5049 RMD160 e95456f3254699bb14a27d20ae766fbd46147507 SHA1 fcce691131df0316a2ad1dc4c33e30a2dd82bfd7 SHA256 95bbc8d3ef9d7376fe743de4d8cb7aae3206550811a9ea4ea47513f34d578c1f size 5049
MD5 f881494a979cdea82d58e31b589d9a97 files/postinst-en.txt 5049
RMD160 e95456f3254699bb14a27d20ae766fbd46147507 files/postinst-en.txt 5049
SHA256 95bbc8d3ef9d7376fe743de4d8cb7aae3206550811a9ea4ea47513f34d578c1f files/postinst-en.txt 5049
-DIST awstats-6.3-6.4-bugfixes.diff.gz 6321 size 6321
-DIST awstats-6.3.tgz 938794 size 938794
-DIST awstats-6.4.tgz 918435 size 918435
+DIST awstats-6.4.tgz 918435 RMD160 318b34afcb7f7e8a4d26d46344e37bcbe3a8460a SHA256 94ec0963dd88a4995ae63be675936da9d3dfaed0c0b0155c5c0400c989b6d294 size 918435
DIST awstats-6.5.tar.gz 972275 RMD160 f5bac64fe43a0629474203f4846a863a439416cf SHA256 2d536fac86e97b4ba22fc811753536a0081823136b3a337f5833a6ad04b6f7f1 size 972275
DIST awstats-6.6.tar.gz 1059148 RMD160 0b5e4e2ff718943065cdff81577ae9ca4f50a74d SHA256 34776a2f487049e2909a399fb03b79ca10e720623fc24ec9051904315efad8ca size 1059148
-EBUILD awstats-6.3-r2.ebuild 4045 RMD160 fb6d43f1ee8ea2f771c896bcc92a658245a27d2a SHA1 69a9540362c4609ac0f5e0975087c6cd85394fe2 SHA256 caa8332ab8c5adc65da772e2d7b4588d69128e05867c1459b39aa408f80ae4eb size 4045
-MD5 502c1c8521002d68b51c0f284f502004 awstats-6.3-r2.ebuild 4045
-RMD160 fb6d43f1ee8ea2f771c896bcc92a658245a27d2a awstats-6.3-r2.ebuild 4045
-SHA256 caa8332ab8c5adc65da772e2d7b4588d69128e05867c1459b39aa408f80ae4eb awstats-6.3-r2.ebuild 4045
EBUILD awstats-6.4.ebuild 3902 RMD160 13cb91db4cf5560be5c7f56cec048289172ff4b5 SHA1 212cbfb14aa817155b4c9bace0574812fe5aa861 SHA256 d7bf5f7c930d93bbe708a072a7086150c09f946aae4dd7d5cb3d7a825001cc93 size 3902
MD5 20f62215bbd9198ebf2a2cf3e51f2b19 awstats-6.4.ebuild 3902
RMD160 13cb91db4cf5560be5c7f56cec048289172ff4b5 awstats-6.4.ebuild 3902
SHA256 d7bf5f7c930d93bbe708a072a7086150c09f946aae4dd7d5cb3d7a825001cc93 awstats-6.4.ebuild 3902
+EBUILD awstats-6.5-r1.ebuild 4124 RMD160 15386f093b58947c8f2e850d84612aa33b8f1c4d SHA1 a62bf33b6479b375934f3ed4d1129a8136d2237e SHA256 8d4267f3e8e929c771358d47979094bd5981a4141a38ca3cf96ff2e04bbae960 size 4124
+MD5 52cf19eebb7313ec26f337c15a15ac3d awstats-6.5-r1.ebuild 4124
+RMD160 15386f093b58947c8f2e850d84612aa33b8f1c4d awstats-6.5-r1.ebuild 4124
+SHA256 8d4267f3e8e929c771358d47979094bd5981a4141a38ca3cf96ff2e04bbae960 awstats-6.5-r1.ebuild 4124
EBUILD awstats-6.5.ebuild 3979 RMD160 33fd9c204264a9f8a888de252a7da2bdc9d3c3c0 SHA1 772e54c36be37498921199c0505e69db0f192244 SHA256 6debe2aa768cb90b16d5c55afa54675032c9bd1543076430427fdfa45861b330 size 3979
MD5 100af87d4d2dc28d585f1a44561d6df6 awstats-6.5.ebuild 3979
RMD160 33fd9c204264a9f8a888de252a7da2bdc9d3c3c0 awstats-6.5.ebuild 3979
SHA256 6debe2aa768cb90b16d5c55afa54675032c9bd1543076430427fdfa45861b330 awstats-6.5.ebuild 3979
-EBUILD awstats-6.6.ebuild 4012 RMD160 a3b18d6b17bd6eb2f0a3bf34022ea25cf448f502 SHA1 898a84d309fdb8248e219386c04ddb550cab5c3b SHA256 ce7d01791f5f420e76f30b5028e48ef9969c50113061ad6a020a387391d1ad6e size 4012
-MD5 90907ea3aa64bcbb1cb471d0bc3b6bc9 awstats-6.6.ebuild 4012
-RMD160 a3b18d6b17bd6eb2f0a3bf34022ea25cf448f502 awstats-6.6.ebuild 4012
-SHA256 ce7d01791f5f420e76f30b5028e48ef9969c50113061ad6a020a387391d1ad6e awstats-6.6.ebuild 4012
-MISC ChangeLog 4930 RMD160 ef1a6c393cee0fc166779765d06eb8dca7f6a5f4 SHA1 31c3feb27c6e36da2b1673bff2d115b84927cffc SHA256 2d3b9113033573874fcf6d9efc2cc54bbd72577b203b44eca4bfb9ef7f9f02a4 size 4930
-MD5 1d58e6838242d5b0c7cd3cb72cd199c7 ChangeLog 4930
-RMD160 ef1a6c393cee0fc166779765d06eb8dca7f6a5f4 ChangeLog 4930
-SHA256 2d3b9113033573874fcf6d9efc2cc54bbd72577b203b44eca4bfb9ef7f9f02a4 ChangeLog 4930
+EBUILD awstats-6.6.ebuild 4029 RMD160 5b137cafc66a08c68034d697bf170c312dd9da73 SHA1 9e1aa2a00ee94313c337d2167f4a9f6ebbedcfcd SHA256 feca6dc5f535c30d5b3bd3d258cc92aaa2cce03406c1067cf1f36587021dcc80 size 4029
+MD5 1002fdc26c89d456b8a18c40f7560286 awstats-6.6.ebuild 4029
+RMD160 5b137cafc66a08c68034d697bf170c312dd9da73 awstats-6.6.ebuild 4029
+SHA256 feca6dc5f535c30d5b3bd3d258cc92aaa2cce03406c1067cf1f36587021dcc80 awstats-6.6.ebuild 4029
+MISC ChangeLog 5450 RMD160 dc1e3686bbf0cd2eef94a07877cfbbfdb867e42a SHA1 c1a617e9ecf49ed7e25e38756722df2bc5e868ab SHA256 aad9c2bc35588457fe6c333a499e8e1c458db0e8ba8ae32235f5d519ea8ba569 size 5450
+MD5 8d9b724981e132fc3066809a7dcba54e ChangeLog 5450
+RMD160 dc1e3686bbf0cd2eef94a07877cfbbfdb867e42a ChangeLog 5450
+SHA256 aad9c2bc35588457fe6c333a499e8e1c458db0e8ba8ae32235f5d519ea8ba569 ChangeLog 5450
MISC metadata.xml 255 RMD160 2110d243ad1031f4c62dd2693795205158d8aaf0 SHA1 906a9beb4201080eeb68c4663c55a48a2476c8a9 SHA256 fa1e1d64d93dcf37a9b736a9df5e8055e35229ef40a6be62d7e4ece99693b204 size 255
MD5 6bc2db5b1e135821863e91fa8658ad48 metadata.xml 255
RMD160 2110d243ad1031f4c62dd2693795205158d8aaf0 metadata.xml 255
SHA256 fa1e1d64d93dcf37a9b736a9df5e8055e35229ef40a6be62d7e4ece99693b204 metadata.xml 255
-MD5 70a086a2f452243a500aa67b1df7f26f files/digest-awstats-6.3-r2 135
-RMD160 0bb0707adf20821608361ca89dbc7c3a70e5003a files/digest-awstats-6.3-r2 135
-SHA256 0c1a3b6e0a7358c0f730819ff91e6cc897148813455930c8dd82fe86f233a749 files/digest-awstats-6.3-r2 135
-MD5 803faa3640a7aadd2fadbbd05968a45e files/digest-awstats-6.4 60
-RMD160 a5cb4431c5c6f6f162bee73832be0102a936af6e files/digest-awstats-6.4 60
-SHA256 a8b23337999b69851c96884afb2bc0b1037d17d2577bef0d7f385bb107a6f70e files/digest-awstats-6.4 60
+MD5 6c5c669daafc4ed45b8e2f8590c8693e files/digest-awstats-6.4 226
+RMD160 d7709add1cb0800245cc2b0e7e55986a84d92c2c files/digest-awstats-6.4 226
+SHA256 ca2c698be052cbd3b5d14f4758ef7fa23c80bd36df3d525227534fd527187890 files/digest-awstats-6.4 226
MD5 1203937f6de452d6ae4ba8465234ad36 files/digest-awstats-6.5 235
RMD160 90bdedc189c5aed52a424d277f85e6d233ac1082 files/digest-awstats-6.5 235
SHA256 1439cd174fa0bd63e3aa15cb6dc5e88beb6d126707730253d4dee65d948898dc files/digest-awstats-6.5 235
+MD5 1203937f6de452d6ae4ba8465234ad36 files/digest-awstats-6.5-r1 235
+RMD160 90bdedc189c5aed52a424d277f85e6d233ac1082 files/digest-awstats-6.5-r1 235
+SHA256 1439cd174fa0bd63e3aa15cb6dc5e88beb6d126707730253d4dee65d948898dc files/digest-awstats-6.5-r1 235
MD5 b633ea6035ee897e203aa48f2e167fba files/digest-awstats-6.6 238
RMD160 deaa6887542a8d0af85315176f2ab676a2e76813 files/digest-awstats-6.6 238
SHA256 02336412b5abcd4d831be5e2d6e580fb491f015f862ab5ad3f31c616fc08560b files/digest-awstats-6.6 238
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.3 (GNU/Linux)
-
-iD8DBQFEb/FhCRZPokWLroQRApRwAKDfHSUv23mKmbiWBufpTNU5SMotfQCdEaU2
-T8b20MIVo4PjIdd95Kbyi/U=
-=6pC4
------END PGP SIGNATURE-----
diff --git a/net-www/awstats/awstats-6.3-r2.ebuild b/net-www/awstats/awstats-6.3-r2.ebuild
deleted file mode 100644
index f8139cce798f..000000000000
--- a/net-www/awstats/awstats-6.3-r2.ebuild
+++ /dev/null
@@ -1,134 +0,0 @@
-# Copyright 1999-2006 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/awstats/awstats-6.3-r2.ebuild,v 1.6 2006/02/13 15:03:17 mcummings Exp $
-
-inherit eutils webapp versionator
-
-DESCRIPTION="AWStats is a short for Advanced Web Statistics."
-HOMEPAGE="http://awstats.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${P}.tgz
- mirror://gentoo/${P}-6.4-bugfixes.diff.gz"
-RESTRICT="nomirror"
-
-LICENSE="GPL-2"
-KEYWORDS="~alpha ppc ~mips ~sparc x86 ~amd64"
-IUSE=""
-
-RDEPEND=">=dev-lang/perl-5.6.1
- >=media-libs/libpng-1.2
- virtual/perl-Time-Local
- net-www/apache"
-DEPEND="${RDEPEND}
- >=sys-apps/sed-4"
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- # security bug 81775
- epatch ${FILESDIR}/${P}-CAN-2005-0363.diff
- epatch ${WORKDIR}/${P}-6.4-bugfixes.diff
-
- epatch ${FILESDIR}/${P}-gentoo.diff
-
- # change AWStats default installation directory to installation directory of Gentoo
- for file in tools/* wwwroot/cgi-bin/*; do
- if [[ -f "$file" ]]; then
- sed -i -e "s#/usr/local/awstats/wwwroot/cgi-bin#${MY_CGIBINDIR}#g" \
- -e "s#/usr/local/awstats/wwwroot/icon#${MY_HTDOCSDIR}/icon#g" \
- -e "s#/usr/local/awstats/wwwroot/plugins#${MY_HOSTROOTDIR}/plugins#g" \
- -e "s#/usr/local/awstats/wwwroot/classes#${MY_HTDOCSDIR}/classes#g" \
- -e "s#/usr/local/awstats/wwwroot#${MY_HTDOCSDIR}#g" \
- $file || die "sed $file failed"
- fi
- done
-
- local apachever=$(best_version net-www/apache)
- apachever="$(get_major_version ${apachever#*/*-})"
- [[ ${apachever} == "1" ]] && apachever=""
-
- # set default values for directories
- sed -i -e "s|^\(LogFile=\).*$|\1\"/var/log/apache${apachever}/access_log\"|" \
- -e "s|^\(SiteDomain=\).*$|\1\"localhost\"|" \
- -e "s|^\(DirIcons=\).*$|\1\"/awstats/icons\"|" \
- -e "s|^\(DirCgi=\).*$|\1\"/cgi-bin/awstats\"|" \
- ${S}/wwwroot/cgi-bin/awstats.model.conf || die "sed failed"
-
- # set version in postinst-en.txt
- sed -e "s/PVR/${PVR}/g" \
- ${FILESDIR}/postinst-en.txt > ${WORKDIR}/postinst-en.txt || die
-}
-
-src_install() {
- webapp_src_preinst
-
- # handle documentation files
- #
- # NOTE that doc files go into /usr/share/doc as normal; they do NOT
- # get installed per vhost!
-
- dohtml -r docs/*.html docs/*.xml docs/*.css docs/*.js docs/images
- dodoc README.TXT docs/COPYING.TXT docs/LICENSE.TXT
- newdoc wwwroot/cgi-bin/plugins/example/example.pm example_plugin.pm
- docinto xslt
- dodoc tools/xslt/*
-
- webapp_postinst_txt en ${WORKDIR}/postinst-en.txt
-
- keepdir /var/lib/awstats
-
- # Copy the app's main files
- exeinto ${MY_CGIBINDIR}
- doexe ${S}/wwwroot/cgi-bin/*.pl
-
- exeinto ${MY_HTDOCSDIR}/classes
- doexe ${S}/wwwroot/classes/*.jar
-
- # install language files, libraries and plugins
- mkdir -p ${D}${MY_CGIBINDIR}
- for dir in lang lib plugins; do
- cp -R ${S}/wwwroot/cgi-bin/${dir} ${D}${MY_CGIBINDIR}
- chmod 0755 ${D}${MY_CGIBINDIR}/${dir}
- done
-
- # install the app's www files
- mkdir -p ${D}${MY_HTDOCSDIR}
- for dir in icon css js; do
- cp -R ${S}/wwwroot/${dir} ${D}${MY_HTDOCSDIR}
- chmod 0755 ${D}${MY_HTDOCSDIR}/${dir}
- done
-
- # copy configuration file
- insinto /etc/awstats
- doins ${S}/wwwroot/cgi-bin/awstats.model.conf
-
- # create the data directory for awstats
- mkdir -p ${D}/${MY_HOSTROOTDIR}/datadir
-
- # install command line tools
- cd ${S}/tools
- dobin awstats_buildstaticpages.pl awstats_exportlib.pl \
- awstats_updateall.pl logresolvemerge.pl \
- maillogconvert.pl awstats_configure.pl
- newbin urlaliasbuilder.pl awstats_urlaliasbuilder.pl
-
- # all done
- #
- # now we let the eclass strut its stuff ;-)
-
- webapp_src_install
-}
-
-pkg_postinst() {
- einfo
- einfo "The AWStats-Manual is available either inside"
- einfo " the /usr/share/doc/${PF} - folder, or at"
- einfo " http://awstats.sourceforge.net/docs/index.html ."
- einfo
- ewarn "Copy the /etc/awstats/awstats.model.conf to"
- ewarn "/etc/awstats/awstats.<yourdomain>.conf and edit."
- ewarn "use the command"
- ewarn " webapp-config"
- ewarn "to install awstats for each virtual host. See proper man page."
-}
-
diff --git a/net-www/awstats/files/awstats-6.3-CAN-2005-0363.diff b/net-www/awstats/files/awstats-6.3-CAN-2005-0363.diff
deleted file mode 100644
index 9d00f6beb342..000000000000
--- a/net-www/awstats/files/awstats-6.3-CAN-2005-0363.diff
+++ /dev/null
@@ -1,20 +0,0 @@
---- awstats-6.3.orig/wwwroot/cgi-bin/awstats.pl 2005-01-22 11:34:38.000000000 -0500
-+++ awstats-6.3/wwwroot/cgi-bin/awstats.pl 2005-02-12 16:48:13.446660569 -0500
-@@ -5368,7 +5368,7 @@
- # No update but report by default when run from a browser
- $UpdateStats=($QueryString=~/update=1/i?1:0);
-
-- if ($QueryString =~ /config=([^&]+)/i) { $SiteConfig=&DecodeEncodedString("$1"); }
-+ if ($QueryString =~ /config=([^&]+)/i) { $SiteConfig=&Sanitize(&DecodeEncodedString("$1")); }
- if ($QueryString =~ /diricons=([^&]+)/i) { $DirIcons=&DecodeEncodedString("$1"); }
- if ($QueryString =~ /pluginmode=([^&]+)/i) { $PluginMode=&Sanitize(&DecodeEncodedString("$1")); }
- if ($QueryString =~ /configdir=([^&]+)/i) { $DirConfig=&Sanitize(&DecodeEncodedString("$1")); }
-@@ -5416,7 +5416,7 @@
- # Update with no report by default when run from command line
- $UpdateStats=1;
-
-- if ($QueryString =~ /config=([^&]+)/i) { $SiteConfig="$1"; }
-+ if ($QueryString =~ /config=([^&]+)/i) { $SiteConfig=&Sanitize("$1"); }
- if ($QueryString =~ /diricons=([^&]+)/i) { $DirIcons="$1"; }
- if ($QueryString =~ /pluginmode=([^&]+)/i) { $PluginMode=&Sanitize("$1"); }
- if ($QueryString =~ /configdir=([^&]+)/i) { $DirConfig=&Sanitize("$1"); }
diff --git a/net-www/awstats/files/digest-awstats-6.3-r2 b/net-www/awstats/files/digest-awstats-6.3-r2
deleted file mode 100644
index 66bc196d7de4..000000000000
--- a/net-www/awstats/files/digest-awstats-6.3-r2
+++ /dev/null
@@ -1,2 +0,0 @@
-MD5 edb73007530a5800d53b9f1f90c88053 awstats-6.3.tgz 938794
-MD5 0ca57aa572818f59b5809c43c4df56f5 awstats-6.3-6.4-bugfixes.diff.gz 6321