rpms/awstats/F-10 awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE

Aurelien Bompard abompard at fedoraproject.org
Sat Dec 6 09:32:50 UTC 2008 

Author: abompard

Update of /cvs/pkgs/rpms/awstats/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10122/F-10

Modified Files:
	awstats.spec 
Added Files:
	awstats-6.8-CVE-2008-3714-debian.patch 
Removed Files:
	awstats-6.8-CVE-2008-3714.patch 
Log Message:
* Sat Dec 06 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-3
- Use Debian's patch for CVE-2008-3714 (rh#474396)


awstats-6.8-CVE-2008-3714-debian.patch:

--- NEW FILE awstats-6.8-CVE-2008-3714-debian.patch ---
diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl
--- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714	2008-12-06 10:19:42.000000000 +0100
+++ ./wwwroot/cgi-bin/awstats.pl	2008-12-06 10:21:01.000000000 +0100
@@ -4407,6 +4407,7 @@ sub DecodeEncodedString {
 	my $stringtodecode=shift;
 	$stringtodecode =~ tr/\+/ /s;
 	$stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg;
+	$stringtodecode =~ s/["']//g;
 	return $stringtodecode;
 }
 


Index: awstats.spec
===================================================================
RCS file: /cvs/pkgs/rpms/awstats/F-10/awstats.spec,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- awstats.spec	23 Aug 2008 06:00:04 -0000	1.24
+++ awstats.spec	6 Dec 2008 09:32:20 -0000	1.25
@@ -1,6 +1,6 @@
 Name:       awstats
 Version:    6.8
-Release:    2%{?dist}
+Release:    3%{?dist}
 Summary:    Advanced Web Statistics
 License:    GPLv2
 Group:      Applications/Internet
@@ -8,7 +8,7 @@
 Source0:    http://dl.sf.net/awstats/awstats-%{version}.tar.gz
 #Source0:    http://awstats.sourceforge.net/files/awstats-6.6.tar.gz
 # http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.910&r2=1.912&view=patch
-Patch0:     awstats-6.8-CVE-2008-3714.patch
+Patch0:     awstats-6.8-CVE-2008-3714-debian.patch
 
 BuildArch:  noarch
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -41,9 +41,7 @@
 
 %prep
 %setup -q
-pushd wwwroot/cgi-bin/
 %patch0 -p0 -b .CVE-2008-3714
-popd
 # Fix style sheets.
 perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/*
 # Fix some bad file permissions here for convenience.
@@ -163,6 +161,9 @@
 
 
 %changelog
+* Sat Dec 06 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-3
+- Use Debian's patch for CVE-2008-3714 (rh#474396)
+
 * Sat Aug 23 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-2
 - Add upstream patch for CVE-2008-3714
 


--- awstats-6.8-CVE-2008-3714.patch DELETED ---

More information about the fedora-extras-commits mailing list