rpms/awstats/F-9 awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE
Aurelien Bompard
abompard at fedoraproject.org
Sat Dec 6 09:32:51 UTC 2008
- Previous message (by thread): rpms/awstats/F-8 awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE
- Next message (by thread): rpms/awstats/devel awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: abompard
Update of /cvs/pkgs/rpms/awstats/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10122/F-9
Modified Files:
awstats.spec
Added Files:
awstats-6.8-CVE-2008-3714-debian.patch
Removed Files:
awstats-6.8-CVE-2008-3714.patch
Log Message:
* Sat Dec 06 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-3
- Use Debian's patch for CVE-2008-3714 (rh#474396)
awstats-6.8-CVE-2008-3714-debian.patch:
--- NEW FILE awstats-6.8-CVE-2008-3714-debian.patch ---
diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl
--- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 2008-12-06 10:19:42.000000000 +0100
+++ ./wwwroot/cgi-bin/awstats.pl 2008-12-06 10:21:01.000000000 +0100
@@ -4407,6 +4407,7 @@ sub DecodeEncodedString {
my $stringtodecode=shift;
$stringtodecode =~ tr/\+/ /s;
$stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg;
+ $stringtodecode =~ s/["']//g;
return $stringtodecode;
}
Index: awstats.spec
===================================================================
RCS file: /cvs/pkgs/rpms/awstats/F-9/awstats.spec,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- awstats.spec 23 Aug 2008 06:00:04 -0000 1.24
+++ awstats.spec 6 Dec 2008 09:32:21 -0000 1.25
@@ -1,6 +1,6 @@
Name: awstats
Version: 6.8
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Advanced Web Statistics
License: GPLv2
Group: Applications/Internet
@@ -8,7 +8,7 @@
Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz
#Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz
# http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.910&r2=1.912&view=patch
-Patch0: awstats-6.8-CVE-2008-3714.patch
+Patch0: awstats-6.8-CVE-2008-3714-debian.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -41,9 +41,7 @@
%prep
%setup -q
-pushd wwwroot/cgi-bin/
%patch0 -p0 -b .CVE-2008-3714
-popd
# Fix style sheets.
perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/*
# Fix some bad file permissions here for convenience.
@@ -163,6 +161,9 @@
%changelog
+* Sat Dec 06 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-3
+- Use Debian's patch for CVE-2008-3714 (rh#474396)
+
* Sat Aug 23 2008 Aurelien Bompard <abompard at fedoraproject.org> 6.8-2
- Add upstream patch for CVE-2008-3714
--- awstats-6.8-CVE-2008-3714.patch DELETED ---
- Previous message (by thread): rpms/awstats/F-8 awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE
- Next message (by thread): rpms/awstats/devel awstats-6.8-CVE-2008-3714-debian.patch, NONE, 1.1 awstats.spec, 1.24, 1.25 awstats-6.8-CVE-2008-3714.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list