freebsd-ports

History

Doug Barton b2b3b4bb73 This patch comes from the ht://Dig maintainers, and fixes a possible security vulnerability. Quoting from their e-mail announcement: There is a security vulnerability in all versions of htsearch between 3.1.0b2 and 3.1.5 . . . The hole can allow a remote user to pick a file on your system for the config file that the UID running the webserver can read. With a default ports install the httpd user should be nobody, which makes the vulnerability small.	2001-09-25 07:08:47 +00:00
..
patch-ab
patch-htsearch_cc	This patch comes from the ht://Dig maintainers, and fixes a possible	2001-09-25 07:08:47 +00:00

Doug Barton b2b3b4bb73 This patch comes from the ht://Dig maintainers, and fixes a possible

security vulnerability. Quoting from their e-mail announcement:

	There is a security vulnerability in all versions of
	htsearch between 3.1.0b2 and 3.1.5 . . . The hole can
	allow a remote user to pick a file on your system for
	the config file that the UID running the webserver
	can read.

With a default ports install the httpd user should be nobody, which
makes the vulnerability small.

2001-09-25 07:08:47 +00:00

patch-ab

patch-htsearch_cc

This patch comes from the ht://Dig maintainers, and fixes a possible

2001-09-25 07:08:47 +00:00