diff options
author | dougb <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2001-09-25 07:08:47 +0000 |
commit | 97852d550797f153d62e67632e69f777926702c5 (patch) | |
tree | cf67509dc9554c6a56f6b516bce7a5da69229537 /net | |
parent | 819f0aa1c928d1826aac0212c6655639b8382beb (diff) | |
download | FreeBSD-ports-97852d550797f153d62e67632e69f777926702c5.zip FreeBSD-ports-97852d550797f153d62e67632e69f777926702c5.tar.gz |
This patch comes from the ht://Dig maintainers, and fixes a possible
security vulnerability. Quoting from their e-mail announcement:
There is a security vulnerability in all versions of
htsearch between 3.1.0b2 and 3.1.5 . . . The hole can
allow a remote user to pick a file on your system for
the config file that the UID running the webserver
can read.
With a default ports install the httpd user should be nobody, which
makes the vulnerability small.
Diffstat (limited to 'net')
0 files changed, 0 insertions, 0 deletions