From 95626ac7dbdd037c2c437c5e7a29eb62bd046d37 Mon Sep 17 00:00:00 2001 From: tron Date: Sat, 31 Jan 2009 21:28:41 +0000 Subject: Pullup ticket #2674 - requested by taca awstats: security update Revisions pulled up: - www/awstats/Makefile 1.40 - www/awstats/PLIST 1.14 - www/awstats/distinfo 1.23 - www/awstats/options.mk 1.2 - www/awstats/patches/patch-aa 1.9 - www/awstats/patches/patch-ab 1.6 - www/awstats/patches/patch-ac delete --- Module Name: pkgsrc Committed By: adam Date: Thu Jan 15 12:12:04 UTC 2009 Modified Files: pkgsrc/www/awstats: Makefile PLIST distinfo options.mk pkgsrc/www/awstats/patches: patch-aa patch-ab Log Message: Changes 6.9: * With postfix that support DSN (Delivery Status Notifications) we exclude some lines to avoid counting mails twice in maillogconvert.pl script. * Logresolvemerge.pl support FreeRADIUS logs or anything else using (the fixed length!) ctime format timestamp. * Add option stoponfirsteof in logresolvemerge tool. * Add patch to support host_proxy tag in LogFormat (for Apache LogFormat containing %{X-Forwarded-For}i) * Renamed Add to favourites on "Hit on favicon". * Increase robots, search engines database (Added Google Chrome browser, better Vista, WII, detection, ...) * Update languages files. * Added a lot of patch from sourceforge. * Bug fixes. --- Module Name: pkgsrc Committed By: adam Date: Thu Jan 15 12:12:20 UTC 2009 Removed Files: pkgsrc/www/awstats/patches: patch-ac Log Message: Changes 6.9: * With postfix that support DSN (Delivery Status Notifications) we exclude some lines to avoid counting mails twice in maillogconvert.pl script. * Logresolvemerge.pl support FreeRADIUS logs or anything else using (the fixed length!) ctime format timestamp. * Add option stoponfirsteof in logresolvemerge tool. * Add patch to support host_proxy tag in LogFormat (for Apache LogFormat containing %{X-Forwarded-For}i) * Renamed Add to favourites on "Hit on favicon". * Increase robots, search engines database (Added Google Chrome browser, better Vista, WII, detection, ...) * Update languages files. * Added a lot of patch from sourceforge. * Bug fixes. --- www/awstats/Makefile | 6 +++--- www/awstats/PLIST | 8 +++++++- www/awstats/distinfo | 13 ++++++------- www/awstats/options.mk | 6 +++--- www/awstats/patches/patch-aa | 20 ++++++++++---------- www/awstats/patches/patch-ab | 10 +++++----- www/awstats/patches/patch-ac | 27 --------------------------- 7 files changed, 34 insertions(+), 56 deletions(-) delete mode 100644 www/awstats/patches/patch-ac (limited to 'www') diff --git a/www/awstats/Makefile b/www/awstats/Makefile index 612bbe20216..8ceed6415ba 100644 --- a/www/awstats/Makefile +++ b/www/awstats/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.39 2008/09/11 10:37:11 adam Exp $ +# $NetBSD: Makefile,v 1.39.6.1 2009/01/31 21:28:41 tron Exp $ -DISTNAME= awstats-6.8 +DISTNAME= awstats-6.9 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=awstats/} @@ -25,7 +25,7 @@ APACHE_USER?= www APACHE_GROUP?= www PKG_GROUPS_VARS+= APACHE_GROUP -PKG_USERS_VARS+= APACHE_USER +PKG_USERS_VARS= APACHE_USER BUILD_DEFS+= VARBASE # OWN_DIRS= ${VARBASE}/awstats diff --git a/www/awstats/PLIST b/www/awstats/PLIST index d9855a0e625..621e9eb5865 100644 --- a/www/awstats/PLIST +++ b/www/awstats/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.13 2008/09/11 10:37:11 adam Exp $ +@comment $NetBSD: PLIST,v 1.13.6.1 2009/01/31 21:28:41 tron Exp $ awstats/bin/awstats_buildstaticpages.pl awstats/bin/awstats_configure.pl awstats/bin/awstats_exportlib.pl @@ -112,6 +112,7 @@ awstats/cgi-bin/lib/status_smtp.pm awstats/cgi-bin/lib/worms.pm awstats/cgi-bin/plugins/clusterinfo.pm awstats/cgi-bin/plugins/decodeutfkeys.pm +awstats/cgi-bin/plugins/export_to_csv.pm awstats/cgi-bin/plugins/geoip.pm awstats/cgi-bin/plugins/geoip_city_maxmind.pm awstats/cgi-bin/plugins/geoip_isp_maxmind.pm @@ -146,6 +147,7 @@ awstats/icon/browser/aweb.png awstats/icon/browser/bpftp.png awstats/icon/browser/bytel.png awstats/icon/browser/chimera.png +awstats/icon/browser/chrome.png awstats/icon/browser/cyberdog.png awstats/icon/browser/da.png awstats/icon/browser/dillo.png @@ -459,6 +461,7 @@ awstats/icon/flags/ps.png awstats/icon/flags/pt.png awstats/icon/flags/py.png awstats/icon/flags/qa.png +awstats/icon/flags/re.png awstats/icon/flags/ro.png awstats/icon/flags/ru.png awstats/icon/flags/rw.png @@ -520,6 +523,7 @@ awstats/icon/flags/zw.png awstats/icon/mime/ai.png awstats/icon/mime/archive.png awstats/icon/mime/audio.png +awstats/icon/mime/css.png awstats/icon/mime/doc.png awstats/icon/mime/flash.png awstats/icon/mime/glasses.png @@ -573,6 +577,7 @@ awstats/icon/os/linux.png awstats/icon/os/linuxcentos.png awstats/icon/os/linuxdebian.png awstats/icon/os/linuxfedora.png +awstats/icon/os/linuxgentoo.png awstats/icon/os/linuxmandr.png awstats/icon/os/linuxredhat.png awstats/icon/os/linuxsuse.png @@ -606,6 +611,7 @@ awstats/icon/os/wince.png awstats/icon/os/winlong.png awstats/icon/os/winme.png awstats/icon/os/winnt.png +awstats/icon/os/winunknown.png awstats/icon/os/winxbox.png awstats/icon/os/winxp.png awstats/icon/other/awstats_logo1.png diff --git a/www/awstats/distinfo b/www/awstats/distinfo index ce0af7921b0..a88361b8a4e 100644 --- a/www/awstats/distinfo +++ b/www/awstats/distinfo @@ -1,8 +1,7 @@ -$NetBSD: distinfo,v 1.22 2008/09/11 10:37:11 adam Exp $ +$NetBSD: distinfo,v 1.22.6.1 2009/01/31 21:28:41 tron Exp $ -SHA1 (awstats-6.8.tar.gz) = cd0ab93ca28e5a194401232931d8f4521af10ae9 -RMD160 (awstats-6.8.tar.gz) = b03f382b19bc057598fb231d58afefdfb91c07bb -Size (awstats-6.8.tar.gz) = 1101851 bytes -SHA1 (patch-aa) = 78b3a3100d687f07e0bed7b677abc52b767b8598 -SHA1 (patch-ab) = df8961949160d172ab40569a414b52eb4a8b1f06 -SHA1 (patch-ac) = 2c4f26e5cdd3550f20450c3484bc1d91000bdd63 +SHA1 (awstats-6.9.tar.gz) = 5ad8485eab04147b20adf5e8a7bdd5b6d3e2468b +RMD160 (awstats-6.9.tar.gz) = 339af2df9c44713d632b4d1ae3d733132f7b0bab +Size (awstats-6.9.tar.gz) = 1125906 bytes +SHA1 (patch-aa) = 1897d739b38b9c830f9af2211aa9fcb5e15a6795 +SHA1 (patch-ab) = 9ae474058a1803c1132b36448c1a6987c58e8823 diff --git a/www/awstats/options.mk b/www/awstats/options.mk index 57b27eb879a..5bb907703c8 100644 --- a/www/awstats/options.mk +++ b/www/awstats/options.mk @@ -1,14 +1,14 @@ -# $NetBSD: options.mk,v 1.1 2008/01/03 12:37:06 adrianp Exp $ +# $NetBSD: options.mk,v 1.1.12.1 2009/01/31 21:28:41 tron Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.awstats -PKG_SUPPORTED_OPTIONS= awstats-geoipfree +PKG_SUPPORTED_OPTIONS= geoip .include "../../mk/bsd.options.mk" ### ### Use the Geo IP Free module ### -.if !empty(PKG_OPTIONS:Mawstats-geoipfree) +.if !empty(PKG_OPTIONS:Mgeoip) DEPENDS+= p5-Geo-IPfree-[0-9]*:../../net/p5-Geo-IPfree .endif diff --git a/www/awstats/patches/patch-aa b/www/awstats/patches/patch-aa index ea9674a42ca..ea845bbd9ee 100644 --- a/www/awstats/patches/patch-aa +++ b/www/awstats/patches/patch-aa @@ -1,13 +1,13 @@ -$NetBSD: patch-aa,v 1.8 2008/04/07 07:21:00 adam Exp $ +$NetBSD: patch-aa,v 1.8.10.1 2009/01/31 21:28:41 tron Exp $ ---- wwwroot/cgi-bin/awstats.pl.orig 2007-07-07 13:00:06.000000000 +0200 +--- wwwroot/cgi-bin/awstats.pl.orig 2008-11-30 16:42:46.000000000 +0100 +++ wwwroot/cgi-bin/awstats.pl -@@ -1141,7 +1141,7 @@ sub Read_Config { - my $configdir=shift; - my @PossibleConfigDir=(); +@@ -1627,7 +1627,7 @@ sub Read_Config { + my $configdir = shift; + my @PossibleConfigDir = (); -- if ($configdir) -+ if ($configdir && $ENV{"AWSTATS_ENABLE_CONFIG_DIR"}) - { - # If from CGI, overwriting of configdir is only possible if AWSTATS_ENABLE_CONFIG_DIR defined - #if ($ENV{'GATEWAY_INTERFACE'} && ! $ENV{"AWSTATS_ENABLE_CONFIG_DIR"}) +- if ($configdir) { ++ if ($configdir && $ENV{"AWSTATS_ENABLE_CONFIG_DIR"}) { + + # If from CGI, overwriting of configdir is only possible if AWSTATS_ENABLE_CONFIG_DIR defined + #if ($ENV{'GATEWAY_INTERFACE'} && ! $ENV{"AWSTATS_ENABLE_CONFIG_DIR"}) diff --git a/www/awstats/patches/patch-ab b/www/awstats/patches/patch-ab index 2c83bf2758b..6a0a66a3805 100644 --- a/www/awstats/patches/patch-ab +++ b/www/awstats/patches/patch-ab @@ -1,6 +1,6 @@ -$NetBSD: patch-ab,v 1.5 2008/04/07 07:21:00 adam Exp $ +$NetBSD: patch-ab,v 1.5.10.1 2009/01/31 21:28:41 tron Exp $ ---- tools/awstats_configure.pl.orig 2007-04-02 20:30:52.000000000 +0200 +--- tools/awstats_configure.pl.orig 2008-04-06 15:45:24.000000000 +0200 +++ tools/awstats_configure.pl @@ -29,12 +29,12 @@ $AWSTATS_MODEL_CONFIG $AWSTATS_DIRDATA_PATH @@ -100,7 +100,7 @@ $NetBSD: patch-ab,v 1.5 2008/04/07 07:21:00 adam Exp $ print "Example: c:\\Program files\\apache group\\apache\\conf\\httpd.conf\n"; $bidon=''; while ($bidon ne 'none' && ! -f "$bidon") { -@@ -545,8 +547,8 @@ EOF +@@ -546,8 +548,8 @@ EOF # ----------------------------- my $modelfile=''; if ($OS eq 'linux') { @@ -111,7 +111,7 @@ $NetBSD: patch-ab,v 1.5 2008/04/07 07:21:00 adam Exp $ } else { $modelfile="$AWSTATS_MODEL_CONFIG"; -@@ -554,7 +556,7 @@ if ($OS eq 'linux') { +@@ -555,7 +557,7 @@ if ($OS eq 'linux') { } } elsif ($OS eq "macosx") { @@ -120,7 +120,7 @@ $NetBSD: patch-ab,v 1.5 2008/04/07 07:21:00 adam Exp $ } elsif ($OS eq 'windows') { $modelfile="$AWSTATS_PATH\\wwwroot\\cgi-bin\\awstats.model.conf"; } else { $modelfile="$AWSTATS_PATH\\wwwroot\\cgi-bin\\awstats.model.conf"; } -@@ -607,11 +609,11 @@ if ($bidon =~ /^y/i) { +@@ -608,11 +610,11 @@ if ($bidon =~ /^y/i) { if ($OS eq 'linux') { print "\n-----> Define config file path\n"; print "In which directory do you plan to store your config file(s) ?\n"; diff --git a/www/awstats/patches/patch-ac b/www/awstats/patches/patch-ac deleted file mode 100644 index f9567e28f95..00000000000 --- a/www/awstats/patches/patch-ac +++ /dev/null @@ -1,27 +0,0 @@ -$NetBSD: patch-ac,v 1.1 2008/08/20 21:20:33 minskim Exp $ - -XSS (http://secunia.com/advisories/31519/) fix. Not needed in 6.9. - ---- wwwroot/cgi-bin/awstats.pl.orig 2008-08-20 14:17:04.000000000 -0700 -+++ wwwroot/cgi-bin/awstats.pl -@@ -4380,6 +4380,7 @@ sub EncodeString { - sub DecodeEncodedString { - my $stringtodecode=shift; - $stringtodecode =~ tr/\+/ /s; -+ $stringtodecode =~ s/%22//g; - $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; - return $stringtodecode; - } -@@ -4432,9 +4433,12 @@ sub Sanitize { - #------------------------------------------------------------------------------ - sub CleanXSS { - my $stringtoclean=shift; -+ # To avoid html tags and javascript - $stringtoclean =~ s//>/g; - $stringtoclean =~ s/|//g; -+ # To avoid onload=" -+ $stringtoclean =~ s/onload//g; - return $stringtoclean; - } - -- cgit v1.2.3