From 8225e716416c96d55a497bdad82ef9150bbb277d Mon Sep 17 00:00:00 2001 From: cvsextras Date: Mon, 8 Nov 2004 04:04:34 +0000 Subject: [PATCH 001/129] auto-import changelog data from awstats-6.1-0.fdr.6.src.rpm Thu May 20 2004 Aurelien Bompard 6.1-0.fdr.6 - remove redundant substitution Thu May 20 2004 Aurelien Bompard 6.1-0.fdr.5 - be closer to upstream default configuration - use the included apache conf file - merge changes from Michael Schwendt (bug 1608) Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.4 - fix cron job for relocated tools Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.3 - keep the tools in the tools subdirectory Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.2 - fix scripts in /usr/bin - rename configure.pl to awstats_configure.pl Sun May 16 2004 Aurelien Bompard 6.1-0.fdr.1 - version 6.1 Wed Mar 03 2004 Aurelien Bompard 6.0.0.fdr.2 - requires perl without version to fix build on rh9 Thu Feb 19 2004 Aurelien Bompard 6.0-0.fdr.1 - version 6.0 Mon Dec 22 2003 Aurelien Bompard 5.9-0.fdr.5 - solve stupid bug in %install - only create the preconfigured config file on install, not on upgrade Mon Dec 22 2003 Aurelien Bompard 5.9-0.fdr.4 - post scriptlet doesn't overwrite user configuration now be careful if you upgrade from 5.9-0.fdr.3 - replace _DATADIR in apache configuration in the install stage (was in the post scriptlet before) - remove 'noreplace' tag from the apache config file - various cleanups in the %install stage - Thanks to Mickael Schwendt. Sun Dec 07 2003 Aurelien Bompard 5.9-0.fdr.3 - %post et %postun now use condrestart instead of restart - only restart apache if we are upgrading - install and cp use the "-p" switch - use %_datadir in /etc/httpd/conf.d/awstats.conf - improve cron job - don't brutally recode HTML pages - the scan is now done hourly instead of daily - *.pm files are not executable any more - tools are in %bindir - various other improvements - many thanks to Michael Schwendt and Dag Wieers. Sat Nov 29 2003 Aurelien Bompard 5.9-0.fdr.2 - Set the hostname in %post (thanks to Michael Koziarski) - Improved customization in %post Sun Nov 16 2003 Aurelien Bompard 5.9-0.fdr.1 - fix /etc/cron.daily/awstats permissions - fix log name in conf file - port to fedora (from Mandrake) --- .cvsignore | 1 + awstats.spec | 213 +++++++++++++++++++++++++++++++++++++++++++++++++++ sources | 1 + 3 files changed, 215 insertions(+) create mode 100644 awstats.spec diff --git a/.cvsignore b/.cvsignore index e69de29..0efd059 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +awstats-6.1.tgz diff --git a/awstats.spec b/awstats.spec new file mode 100644 index 0000000..5d8875c --- /dev/null +++ b/awstats.spec @@ -0,0 +1,213 @@ +Name: awstats +Version: 6.1 +Release: 0.fdr.6 +Summary: Advanced Web Statistics +License: GPL +Group: Applications/Internet +URL: http://awstats.sourceforge.net +Source0: http://dl.sf.net/awstats/awstats-6.1.tgz +BuildArch: noarch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Requires: httpd +Requires: perl +Requires(post): perl +Requires(postun): /sbin/service + +%description +Advanced Web Statistics is a powerful and featureful tool that generates +advanced web server graphic statistics. This server log analyzer works +from command line or as a CGI and shows you all information your log contains, +in graphical web pages. It can analyze a lot of web/wap/proxy servers like +Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or ftp servers. + +This program can measure visits, unique vistors, authenticated users, pages, +domains/countries, OS busiest times, robot visits, type of files, search +engines/keywords used, visits duration, HTTP errors and more... +Statistics can be updated from a browser or your scheduler. +The program also supports virtual servers, plugins and a lot of features. + +With the default configuration, the statistics are available: +http://localhost/awstats/awstats.pl + +%prep +%setup -q + +# Fix style sheets. +perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* + +# Fix some bad file permissions here for convenience. +chmod -x tools/httpd_conf +find tools/xslt -type f | xargs chmod -x + +# Remove \r in conf file (file written on MS Windows) +perl -pi -e 's/\r//g' tools/httpd_conf + +%install +rm -rf $RPM_BUILD_ROOT + +### Create cron job +%{__cat} <awstats.cron +#!/bin/bash + +if [ -f %{_localstatedir}/log/httpd/access_log ] ; then + exec perl %{_datadir}/awstats/tools/awstats_updateall.pl now \ + -confdir="%{_sysconfdir}/awstats" \ + -awstatsprog="%{_datadir}/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null +fi +exit 0 +EOF + +### Create folders +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{httpd/conf.d,%{name},cron.hourly} +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name} +mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{name} + +### Install files +cp -pr tools $RPM_BUILD_ROOT%{_datadir}/%{name} +chmod 755 $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/*.pl +chmod 644 $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/httpd_conf +cp -pr wwwroot $RPM_BUILD_ROOT%{_datadir}/%{name} +chmod 755 $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/cgi-bin/*.pl +rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/classes/src +### We want these outside CGI path. +rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/cgi-bin/{lang,lib,plugins} +cp -pr wwwroot/cgi-bin/{lang,lib,plugins} $RPM_BUILD_ROOT%{_datadir}/%{name} + +rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/cgi-bin/awstats.model.conf + +### Commit permanent changes to default configuration +install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \ + $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf +%{__perl} -pi -e ' + s|^LogFile=.*$|LogFile="%{_localstatedir}/log/httpd/access_log"|; + s|^DirData=.*$|DirData="%{_localstatedir}/lib/awstats"|; + s|^DirCgi=.*$|DirCgi="/awstats"|; + s|^DirIcons=.*$|DirIcons="/awstatsicons"|; + s|^SiteDomain=.*$|SiteDomain="localhost.localdomain"|; + s|^HostAliases=.*$|HostAliases="localhost 127.0.0.1"|; + s|^EnableLockForUpdate=.*$|EnableLockForUpdate=1|; + s|^SaveDatabaseFilesWithPermissionsForEveryone=.*$|SaveDatabaseFilesWithPermissionsForEveryone=0|; + s|^SkipHosts=.*$|SkipHosts="127.0.0.1"|; + s|^Expires=.*$|Expires=3600|; + ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf +install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf + +# Fix scripts +%{__perl} -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ + $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl,httpd_conf} + +# Apache configuration +install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf +%{__perl} -pi -e 's|/usr/local|%{_datadir}|g' $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf +echo "# Additional Perl modules + + SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins +" >> $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf + +# Cron job +install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} + + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +if [ $1 -eq 1 ]; then + if [ ! -f %{_sysconfdir}/%{name}/%{name}.`hostname`.conf ]; then + %{__cat} %{_sysconfdir}/%{name}/%{name}.model.conf | \ + %{__perl} -p -e 's|^SiteDomain=.*$|SiteDomain="'`hostname`'"|; + s|^HostAliases=.*$|HostAliases="REGEX[^.*'${HOSTNAME//./\\\\.}'\$]"|; + ' > %{_sysconfdir}/%{name}/%{name}.`hostname`.conf || : + fi +fi + +%postun +if [ $1 -ne 0 ]; then + /sbin/service httpd condrestart >/dev/null 2>&1 +fi + + +%files +%defattr(-,root,root,755) +# Apache configuration file +%config %{_sysconfdir}/httpd/conf.d/%{name}.conf +%config(noreplace) %attr(755,root,root) %{_sysconfdir}/cron.hourly/%{name} +%config(noreplace) %{_sysconfdir}/%{name}/ +%{_localstatedir}/lib/%{name} +%dir %{_datadir}/%{name} +%dir %{_datadir}/%{name}/wwwroot +%{_datadir}/%{name}/tools +%{_datadir}/%{name}/wwwroot/cgi-bin +# Different defattr to fix lots of files which should not be +x. +%defattr(644,root,root,755) +%doc README.TXT docs/* +%{_datadir}/%{name}/lang +%{_datadir}/%{name}/lib +%{_datadir}/%{name}/plugins +%{_datadir}/%{name}/wwwroot/classes +%{_datadir}/%{name}/wwwroot/css +%{_datadir}/%{name}/wwwroot/icon +%{_datadir}/%{name}/wwwroot/js + +%changelog +* Thu May 20 2004 Aurelien Bompard 6.1-0.fdr.6 +- remove redundant substitution + +* Thu May 20 2004 Aurelien Bompard 6.1-0.fdr.5 +- be closer to upstream default configuration +- use the included apache conf file +- merge changes from Michael Schwendt (bug 1608) + +* Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.4 +- fix cron job for relocated tools + +* Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.3 +- keep the tools in the tools subdirectory + +* Wed May 19 2004 Aurelien Bompard 6.1-0.fdr.2 +- fix scripts in /usr/bin +- rename configure.pl to awstats_configure.pl + +* Sun May 16 2004 Aurelien Bompard 6.1-0.fdr.1 +- version 6.1 + +* Wed Mar 03 2004 Aurelien Bompard 6.0.0.fdr.2 +- requires perl without version to fix build on rh9 + +* Tue Feb 19 2004 Aurelien Bompard 6.0-0.fdr.1 +- version 6.0 + +* Mon Dec 22 2003 Aurelien Bompard 5.9-0.fdr.5 +- solve stupid bug in %%install +- only create the preconfigured config file on install, not on upgrade + +* Mon Dec 22 2003 Aurelien Bompard 5.9-0.fdr.4 +- post scriptlet doesn't overwrite user configuration now + be careful if you upgrade from 5.9-0.fdr.3 +- replace _DATADIR in apache configuration in the install stage + (was in the post scriptlet before) +- remove 'noreplace' tag from the apache config file +- various cleanups in the %%install stage +- Thanks to Mickael Schwendt. + +* Sun Dec 07 2003 Aurelien Bompard 5.9-0.fdr.3 +- %%post et %%postun now use condrestart instead of restart +- only restart apache if we are upgrading +- install and cp use the "-p" switch +- use %%_datadir in /etc/httpd/conf.d/awstats.conf +- improve cron job +- don't brutally recode HTML pages +- the scan is now done hourly instead of daily +- *.pm files are not executable any more +- tools are in %%bindir +- various other improvements +- many thanks to Michael Schwendt and Dag Wieers. + +* Sat Nov 29 2003 Aurelien Bompard 5.9-0.fdr.2 +- Set the hostname in %%post (thanks to Michael Koziarski) +- Improved customization in %%post + +* Sun Nov 16 2003 Aurelien Bompard 5.9-0.fdr.1 +- fix /etc/cron.daily/awstats permissions +- fix log name in conf file +- port to fedora (from Mandrake) diff --git a/sources b/sources index e69de29..eb54580 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +4f02c0fc4f1a0f946fcae3b3768bf113 awstats-6.1.tgz From e9ea5c8d5840a16a17e140740247859b0abdb0f1 Mon Sep 17 00:00:00 2001 From: gafton Date: Wed, 24 Nov 2004 03:09:57 +0000 Subject: [PATCH 002/129] Fix braindead import typo artifact in the default generated Makefile. Oh well, the fedora extras commits list needs a workout anyway... --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 3a4d010..63c5a86 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,7 @@ MAKEFILE_COMMON := $(shell $(find-makefile-common)) ifeq ($(MAKEFILE_COMMON),) # attept a checkout define checkout-makefile-common -test -f CVS/Rootx && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 endef MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) From 926490b55a7428acd1f211be2110cb874a019f98 Mon Sep 17 00:00:00 2001 From: Michael Schwendt Date: Fri, 10 Dec 2004 22:03:01 +0000 Subject: [PATCH 003/129] Bump release, strip off fedora.us prefix and dist tag. --- awstats.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 5d8875c..9c2f771 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.1 -Release: 0.fdr.6 +Release: 6 Summary: Advanced Web Statistics License: GPL Group: Applications/Internet From 96a1c44c779cf802c354a698a3963290cd7312d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= Date: Sat, 29 Jan 2005 23:30:42 +0000 Subject: [PATCH 004/129] auto-import awstats-6.3-0.1.20050122 on branch devel from awstats-6.3-0.1.20050122.src.rpm --- .cvsignore | 2 +- awstats.spec | 13 ++++++++++--- sources | 2 +- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.cvsignore b/.cvsignore index 0efd059..039d887 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.1.tgz +awstats-6.3.tgz diff --git a/awstats.spec b/awstats.spec index 9c2f771..68c2a1a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,11 +1,12 @@ Name: awstats -Version: 6.1 -Release: 6 +Version: 6.3 +Release: 0.1.20050122 Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-6.1.tgz +Source0: http://awstats.sourceforge.net/files/awstats-6.3.tgz +#Source0: http://dl.sf.net/awstats/awstats-6.3.tgz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd @@ -150,6 +151,12 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Thu Jan 27 2005 Aurelien Bompard 6.3-0.1.20050122 +- update to 6.3pre to fix vulnerability + +* Sun Nov 28 2004 Aurelien Bompard 6.2-0.fdr.1 +- version 6.2 + * Thu May 20 2004 Aurelien Bompard 6.1-0.fdr.6 - remove redundant substitution diff --git a/sources b/sources index eb54580..80156b0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4f02c0fc4f1a0f946fcae3b3768bf113 awstats-6.1.tgz +4335067362c3033ca2c03e08abc67d73 awstats-6.3.tgz From cdae59d220153b2fccc16b191a0c5c1ae9015fd8 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Thu, 10 Feb 2005 22:03:00 +0000 Subject: [PATCH 005/129] - version 6.3 final --- awstats.spec | 8 +++++--- sources | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/awstats.spec b/awstats.spec index 68c2a1a..4f8dbf9 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,11 @@ Name: awstats Version: 6.3 -Release: 0.1.20050122 +Release: 1 Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://awstats.sourceforge.net/files/awstats-6.3.tgz -#Source0: http://dl.sf.net/awstats/awstats-6.3.tgz +Source0: http://dl.sf.net/awstats/awstats-6.3.tgz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd @@ -151,6 +150,9 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Thu Feb 10 2005 Aurelien Bompard 6.3-1 +- version 6.3 final + * Thu Jan 27 2005 Aurelien Bompard 6.3-0.1.20050122 - update to 6.3pre to fix vulnerability diff --git a/sources b/sources index 80156b0..193bc2e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4335067362c3033ca2c03e08abc67d73 awstats-6.3.tgz +edb73007530a5800d53b9f1f90c88053 awstats-6.3.tgz From 648b6d0cfd5e85f888c5990592e59b9b97e7b7e2 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Tue, 15 Feb 2005 17:35:38 +0000 Subject: [PATCH 006/129] - update to 6.4pre to fix vulnerability --- .cvsignore | 2 +- awstats.spec | 10 +++++++--- sources | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.cvsignore b/.cvsignore index 039d887..2cc7c7f 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.3.tgz +awstats-6.4.tgz diff --git a/awstats.spec b/awstats.spec index 4f8dbf9..c09d041 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,11 +1,12 @@ Name: awstats -Version: 6.3 -Release: 1 +Version: 6.4 +Release: 0.1.pre Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-6.3.tgz +#Source0: http://dl.sf.net/awstats/awstats-6.3.tgz +Source0: http://awstats.sourceforge.net/files/awstats-6.4.tgz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd @@ -150,6 +151,9 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Tue Feb 15 2005 Aurelien Bompard 6.4-0.1.pre +- update to 6.4pre to fix a vulnerability + * Thu Feb 10 2005 Aurelien Bompard 6.3-1 - version 6.3 final diff --git a/sources b/sources index 193bc2e..e466828 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -edb73007530a5800d53b9f1f90c88053 awstats-6.3.tgz +f4e236d2ab4c71933cb476b20172a68e awstats-6.4.tgz From 2e3b6bdafb6bdb875313ecd259c233b18961c133 Mon Sep 17 00:00:00 2001 From: Matthias Saou Date: Sat, 5 Mar 2005 21:10:20 +0000 Subject: [PATCH 007/129] Further mass cleanup. One or more apply : - Remove (hopefully) all zero epoch remains. - Remove trailing spaces and tabs. - Keep consistency between tabs and spaces. - Clean up summary. --- awstats.spec | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/awstats.spec b/awstats.spec index c09d041..a19d408 100644 --- a/awstats.spec +++ b/awstats.spec @@ -11,8 +11,8 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd Requires: perl -Requires(post): perl -Requires(postun): /sbin/service +Requires(post): perl +Requires(postun): /sbin/service %description Advanced Web Statistics is a powerful and featureful tool that generates @@ -91,7 +91,7 @@ install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \ s|^SkipHosts=.*$|SkipHosts="127.0.0.1"|; s|^Expires=.*$|Expires=3600|; ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf -install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf +install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf # Fix scripts %{__perl} -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ @@ -208,7 +208,7 @@ fi - only restart apache if we are upgrading - install and cp use the "-p" switch - use %%_datadir in /etc/httpd/conf.d/awstats.conf -- improve cron job +- improve cron job - don't brutally recode HTML pages - the scan is now done hourly instead of daily - *.pm files are not executable any more From 1dfed0a09387b958ab752a06175208660c89c9c3 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Mon, 21 Mar 2005 11:58:55 +0000 Subject: [PATCH 008/129] - version 6.4 final - change release tag for FC3/FC4 (following Owen's scheme: https://www.redhat.com/archives/fedora-extras-list/2005-March/msg00633. html) - convert tabs into spaces --- awstats.spec | 39 ++++++++++++++++++++++----------------- sources | 2 +- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/awstats.spec b/awstats.spec index a19d408..8d3f032 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,18 +1,18 @@ -Name: awstats -Version: 6.4 -Release: 0.1.pre -Summary: Advanced Web Statistics -License: GPL -Group: Applications/Internet -URL: http://awstats.sourceforge.net -#Source0: http://dl.sf.net/awstats/awstats-6.3.tgz -Source0: http://awstats.sourceforge.net/files/awstats-6.4.tgz -BuildArch: noarch -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Requires: httpd -Requires: perl -Requires(post): perl -Requires(postun): /sbin/service +Name: awstats +Version: 6.4 +Release: 1.fc4 +Summary: Advanced Web Statistics +License: GPL +Group: Applications/Internet +URL: http://awstats.sourceforge.net +Source0: http://dl.sf.net/awstats/awstats-6.4.tgz +#Source0: http://awstats.sourceforge.net/files/awstats-6.4.tgz +BuildArch: noarch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Requires: httpd +Requires: perl +Requires(post): perl +Requires(postun): /sbin/service %description Advanced Web Statistics is a powerful and featureful tool that generates @@ -91,7 +91,7 @@ install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \ s|^SkipHosts=.*$|SkipHosts="127.0.0.1"|; s|^Expires=.*$|Expires=3600|; ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf -install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf +install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf # Fix scripts %{__perl} -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ @@ -151,6 +151,11 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Mon Mar 21 2005 Aurelien Bompard 6.4-1.fc4 +- version 6.4 final +- change release tag for FC4 (following Owen's scheme) +- convert tabs into spaces + * Tue Feb 15 2005 Aurelien Bompard 6.4-0.1.pre - update to 6.4pre to fix a vulnerability @@ -208,7 +213,7 @@ fi - only restart apache if we are upgrading - install and cp use the "-p" switch - use %%_datadir in /etc/httpd/conf.d/awstats.conf -- improve cron job +- improve cron job - don't brutally recode HTML pages - the scan is now done hourly instead of daily - *.pm files are not executable any more diff --git a/sources b/sources index e466828..45bd2b7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f4e236d2ab4c71933cb476b20172a68e awstats-6.4.tgz +056e6fb0c7351b17fe5bbbe0aa1297b1 awstats-6.4.tgz From 8d828a58a19a26124fe1800413b91d25ff6512e1 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Mon, 22 Aug 2005 10:18:17 +0000 Subject: [PATCH 009/129] update to 6.5 beta, fixes CAN-2005-1527 --- .cvsignore | 2 +- awstats.spec | 15 +++++++++------ sources | 2 +- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.cvsignore b/.cvsignore index 2cc7c7f..87126cf 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.4.tgz +awstats-6.5.tar.gz diff --git a/awstats.spec b/awstats.spec index 8d3f032..f16ee27 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,12 @@ Name: awstats -Version: 6.4 -Release: 1.fc4 +Version: 6.5 +Release: 0.1.050822%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-6.4.tgz -#Source0: http://awstats.sourceforge.net/files/awstats-6.4.tgz +#Source0: http://dl.sf.net/awstats/awstats-6.5.tgz +Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd @@ -151,9 +151,12 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog -* Mon Mar 21 2005 Aurelien Bompard 6.4-1.fc4 +* Mon Aug 22 2005 Aurelien Bompard 6.5-1 +- version 6.5 (beta), fixes CAN-2005-1527 + +* Mon Mar 21 2005 Aurelien Bompard 6.4-1 - version 6.4 final -- change release tag for FC4 (following Owen's scheme) +- change release tag (following Owen's scheme) - convert tabs into spaces * Tue Feb 15 2005 Aurelien Bompard 6.4-0.1.pre diff --git a/sources b/sources index 45bd2b7..2ecfda0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -056e6fb0c7351b17fe5bbbe0aa1297b1 awstats-6.4.tgz +a990f9dcdf26e585a326b316a79e5436 awstats-6.5.tar.gz From 4510fee846dc7600c983f9d055a33eb5315ff53c Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Wed, 11 Jan 2006 15:07:29 +0000 Subject: [PATCH 010/129] - version 6.5 final --- awstats.spec | 9 ++++++--- sources | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/awstats.spec b/awstats.spec index f16ee27..395305f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,12 @@ Name: awstats Version: 6.5 -Release: 0.1.050822%{?dist} +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -#Source0: http://dl.sf.net/awstats/awstats-6.5.tgz -Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz +Source0: http://dl.sf.net/awstats/awstats-6.5.tar.gz +#Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd @@ -151,6 +151,9 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Wed Jan 11 2006 Aurelien Bompard 6.5-1 +- version 6.5 final + * Mon Aug 22 2005 Aurelien Bompard 6.5-1 - version 6.5 (beta), fixes CAN-2005-1527 diff --git a/sources b/sources index 2ecfda0..ed6e1ab 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a990f9dcdf26e585a326b316a79e5436 awstats-6.5.tar.gz +aef00b2ff5c5413bd2a868299cabd69a awstats-6.5.tar.gz From aa0910236163080a1bf45bb8c62998c2dcc4bfd9 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Thu, 23 Feb 2006 10:17:11 +0000 Subject: [PATCH 011/129] rebuild for FC5 --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 395305f..daacad8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet @@ -151,6 +151,9 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Thu Feb 23 2006 Aurelien Bompard 6.5-2 +- rebuild for FC5 + * Wed Jan 11 2006 Aurelien Bompard 6.5-1 - version 6.5 final From 441792cbfaf1dc4a5e2f0fecf664d4222b318363 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 9 Apr 2006 15:30:31 +0000 Subject: [PATCH 012/129] selinux support --- awstats.spec | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index daacad8..1b82561 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.5 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet @@ -13,6 +13,7 @@ Requires: httpd Requires: perl Requires(post): perl Requires(postun): /sbin/service +Requires(pre): policycoreutils %description Advanced Web Statistics is a powerful and featureful tool that generates @@ -112,6 +113,14 @@ install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} %clean rm -rf $RPM_BUILD_ROOT + +%pre +# Set SELinux types +semanage fcontext -a -t httpd_sys_script_exec_t \ + '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : +semanage fcontext -a -t httpd_sys_script_rw_t '/var/lib/awstats(/.*)?' 2>/dev/null || : + + %post if [ $1 -eq 1 ]; then if [ ! -f %{_sysconfdir}/%{name}/%{name}.`hostname`.conf ]; then @@ -122,10 +131,15 @@ if [ $1 -eq 1 ]; then fi fi + %postun if [ $1 -ne 0 ]; then /sbin/service httpd condrestart >/dev/null 2>&1 fi +if [ $1 -eq 0 ]; then + semanage fcontext -d -t httpd_sys_script_exec_t \ + '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : +fi %files @@ -151,6 +165,9 @@ fi %{_datadir}/%{name}/wwwroot/js %changelog +* Sun Apr 09 2006 Aurelien Bompard 6.5-3 +- SELinux support: use semanage to label the cgi and the database files + * Thu Feb 23 2006 Aurelien Bompard 6.5-2 - rebuild for FC5 From 8da1b759fcdc0c85ede7ea9f16ba87eda90ca731 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Wed, 12 Apr 2006 19:16:45 +0000 Subject: [PATCH 013/129] add selinux support --- awstats.README.SELinux | 35 +++++++++++++++++++++++++++++++++ awstats.spec | 44 +++++++++++++++++++++++++----------------- 2 files changed, 61 insertions(+), 18 deletions(-) create mode 100644 awstats.README.SELinux diff --git a/awstats.README.SELinux b/awstats.README.SELinux new file mode 100644 index 0000000..2d29be3 --- /dev/null +++ b/awstats.README.SELinux @@ -0,0 +1,35 @@ +========================== +SELinux support in AWStats +========================== + + +What is the problem ? +--------------------- + +AWStats is a CGI script, and needs to be labelled correctly to be called +from Apache. +The files in ``/usr/share/awstats/wwwroot/cgi-bin`` need to have the +``httpd_sys_script_exec_t`` type, and the databases files in +``/var/lib/awstats`` need to have the ``httpd_sys_script_rw_t`` type. + + +How do we solve it ? +-------------------- + +You can change the type with the ``chcon`` command:: + + chcon -R -t httpd_sys_script_exec_t /usr/share/awstats/wwwroot/cgi-bin + chcon -R -t httpd_sys_script_rw_t /var/lib/awstats + +But these modifications will be lost if the system is relabeled (you can +request a relabel with the system-config-security tool). + +To make these changes permanent, this package sets the contexts by running +the following commands:: + + semanage fcontext -a -t httpd_sys_script_exec_t \ + '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' + semanage fcontext -a -t httpd_sys_script_rw_t '/var/lib/awstats(/.*)?' + + +Please send your bug reports (if any ;) ) to https://bugzilla.redhat.com diff --git a/awstats.spec b/awstats.spec index 1b82561..9b21b99 100644 --- a/awstats.spec +++ b/awstats.spec @@ -7,13 +7,13 @@ Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-6.5.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz +Source1: awstats.README.SELinux BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: httpd Requires: perl -Requires(post): perl -Requires(postun): /sbin/service -Requires(pre): policycoreutils +Requires(post): perl, policycoreutils +Requires(postun): /sbin/service, policycoreutils %description Advanced Web Statistics is a powerful and featureful tool that generates @@ -31,18 +31,19 @@ The program also supports virtual servers, plugins and a lot of features. With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl + %prep %setup -q - # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* - # Fix some bad file permissions here for convenience. chmod -x tools/httpd_conf find tools/xslt -type f | xargs chmod -x - # Remove \r in conf file (file written on MS Windows) perl -pi -e 's/\r//g' tools/httpd_conf +# SELinux README +cp -a %{SOURCE1} README.SELinux + %install rm -rf $RPM_BUILD_ROOT @@ -80,7 +81,7 @@ rm -f $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/cgi-bin/awstats.model.conf ### Commit permanent changes to default configuration install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \ $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf -%{__perl} -pi -e ' +perl -pi -e ' s|^LogFile=.*$|LogFile="%{_localstatedir}/log/httpd/access_log"|; s|^DirData=.*$|DirData="%{_localstatedir}/lib/awstats"|; s|^DirCgi=.*$|DirCgi="/awstats"|; @@ -91,16 +92,17 @@ install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \ s|^SaveDatabaseFilesWithPermissionsForEveryone=.*$|SaveDatabaseFilesWithPermissionsForEveryone=0|; s|^SkipHosts=.*$|SkipHosts="127.0.0.1"|; s|^Expires=.*$|Expires=3600|; - ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf + ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf # Fix scripts -%{__perl} -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ +perl -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl,httpd_conf} # Apache configuration install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf -%{__perl} -pi -e 's|/usr/local|%{_datadir}|g' $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf +perl -pi -e 's|/usr/local|%{_datadir}|g;s|Allow from all|Allow from 127.0.0.1|g' \ + $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf echo "# Additional Perl modules SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins @@ -114,13 +116,6 @@ install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} rm -rf $RPM_BUILD_ROOT -%pre -# Set SELinux types -semanage fcontext -a -t httpd_sys_script_exec_t \ - '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : -semanage fcontext -a -t httpd_sys_script_rw_t '/var/lib/awstats(/.*)?' 2>/dev/null || : - - %post if [ $1 -eq 1 ]; then if [ ! -f %{_sysconfdir}/%{name}/%{name}.`hostname`.conf ]; then @@ -130,18 +125,28 @@ if [ $1 -eq 1 ]; then ' > %{_sysconfdir}/%{name}/%{name}.`hostname`.conf || : fi fi +### SELinux support ### +# Set SELinux file_context +semanage fcontext -a -t httpd_sys_script_exec_t \ + '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : +semanage fcontext -a -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || : +# Actually change the context +chcon -R -t httpd_sys_script_exec_t %{_datadir}/awstats/wwwroot/cgi-bin +chcon -R -t httpd_sys_script_rw_t %{_localstatedir}/lib/awstats %postun if [ $1 -ne 0 ]; then /sbin/service httpd condrestart >/dev/null 2>&1 fi +# SELinux support if [ $1 -eq 0 ]; then semanage fcontext -d -t httpd_sys_script_exec_t \ '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : fi + %files %defattr(-,root,root,755) # Apache configuration file @@ -155,7 +160,7 @@ fi %{_datadir}/%{name}/wwwroot/cgi-bin # Different defattr to fix lots of files which should not be +x. %defattr(644,root,root,755) -%doc README.TXT docs/* +%doc README.TXT docs/* README.SELinux %{_datadir}/%{name}/lang %{_datadir}/%{name}/lib %{_datadir}/%{name}/plugins @@ -164,9 +169,12 @@ fi %{_datadir}/%{name}/wwwroot/icon %{_datadir}/%{name}/wwwroot/js + + %changelog * Sun Apr 09 2006 Aurelien Bompard 6.5-3 - SELinux support: use semanage to label the cgi and the database files +- Only allow access from localhost by default (this app has a security history) * Thu Feb 23 2006 Aurelien Bompard 6.5-2 - rebuild for FC5 From 2b78b3a54bf99576bad14aba7859bf8732c7e87b Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 7 May 2006 08:17:10 +0000 Subject: [PATCH 014/129] version 6.6 (beta), fixes CVE-2005-2732 (bug 190921, 190922, and 190923) --- .cvsignore | 2 +- awstats.spec | 18 +++++++++++------- sources | 2 +- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/.cvsignore b/.cvsignore index 87126cf..7c5881f 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.5.tar.gz +awstats-6.6.tar.gz diff --git a/awstats.spec b/awstats.spec index 9b21b99..fe368ec 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,12 @@ Name: awstats -Version: 6.5 -Release: 3%{?dist} +Version: 6.6 +Release: 0.1.beta%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-6.5.tar.gz -#Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz +#Source0: http://dl.sf.net/awstats/awstats-6.6.tar.gz +Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz Source1: awstats.README.SELinux BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -131,8 +131,8 @@ semanage fcontext -a -t httpd_sys_script_exec_t \ '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : semanage fcontext -a -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || : # Actually change the context -chcon -R -t httpd_sys_script_exec_t %{_datadir}/awstats/wwwroot/cgi-bin -chcon -R -t httpd_sys_script_rw_t %{_localstatedir}/lib/awstats +chcon -R -t httpd_sys_script_exec_t %{_datadir}/awstats/wwwroot/cgi-bin || : +chcon -R -t httpd_sys_script_rw_t %{_localstatedir}/lib/awstats || : %postun @@ -142,7 +142,8 @@ fi # SELinux support if [ $1 -eq 0 ]; then semanage fcontext -d -t httpd_sys_script_exec_t \ - '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : + '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : + semanage fcontext -d -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || : fi @@ -172,6 +173,9 @@ fi %changelog +* Sun May 07 2006 Aurelien Bompard 6.6-0.1.beta +- version 6.6 (beta), fixes CVE-2005-2732 (bug 190921, 190922, and 190923) + * Sun Apr 09 2006 Aurelien Bompard 6.5-3 - SELinux support: use semanage to label the cgi and the database files - Only allow access from localhost by default (this app has a security history) diff --git a/sources b/sources index ed6e1ab..1725bff 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -aef00b2ff5c5413bd2a868299cabd69a awstats-6.5.tar.gz +c9b65c5a58011fdb4ec611feec17eee4 awstats-6.6.tar.gz From 57e26338d5046dd07badbe78e691e5b0223b253b Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 7 May 2006 23:40:35 +0000 Subject: [PATCH 015/129] revert to version 6.5 (build failed for FC-4 and 5 anyway) and backport the fix for the vulnerability --- awstats.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index fe368ec..28377fe 100644 --- a/awstats.spec +++ b/awstats.spec @@ -49,7 +49,7 @@ cp -a %{SOURCE1} README.SELinux rm -rf $RPM_BUILD_ROOT ### Create cron job -%{__cat} <awstats.cron +cat <awstats.cron #!/bin/bash if [ -f %{_localstatedir}/log/httpd/access_log ] ; then From f12e5ac2784265ca225eb3fa155265e44311afb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= Date: Sun, 27 Aug 2006 20:16:03 +0000 Subject: [PATCH 016/129] http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild --- needs.rebuild | 1 + 1 file changed, 1 insertion(+) create mode 100644 needs.rebuild diff --git a/needs.rebuild b/needs.rebuild new file mode 100644 index 0000000..815fd29 --- /dev/null +++ b/needs.rebuild @@ -0,0 +1 @@ +http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild From 95b4e6ba149198b65b6002eb24fcffa837371d02 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Wed, 30 Aug 2006 14:29:10 +0000 Subject: [PATCH 017/129] rebuild --- awstats.spec | 5 ++++- needs.rebuild | 1 - 2 files changed, 4 insertions(+), 2 deletions(-) delete mode 100644 needs.rebuild diff --git a/awstats.spec b/awstats.spec index 28377fe..4074413 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.6 -Release: 0.1.beta%{?dist} +Release: 0.2.beta%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet @@ -173,6 +173,9 @@ fi %changelog +* Wed Aug 30 2006 Aurelien Bompard 6.6-0.2.beta +- rebuild + * Sun May 07 2006 Aurelien Bompard 6.6-0.1.beta - version 6.6 (beta), fixes CVE-2005-2732 (bug 190921, 190922, and 190923) diff --git a/needs.rebuild b/needs.rebuild deleted file mode 100644 index 815fd29..0000000 --- a/needs.rebuild +++ /dev/null @@ -1 +0,0 @@ -http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild From 2c2048432d17095d399ff87e5a1cf413f9ab133e Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Mon, 30 Oct 2006 14:05:09 +0000 Subject: [PATCH 018/129] fix dos encoding on logresolvemerge.pl (bug 212965) --- awstats.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 4074413..f9c1257 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.6 -Release: 0.2.beta%{?dist} +Release: 0.3.beta%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet @@ -40,7 +40,7 @@ perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* chmod -x tools/httpd_conf find tools/xslt -type f | xargs chmod -x # Remove \r in conf file (file written on MS Windows) -perl -pi -e 's/\r//g' tools/httpd_conf +perl -pi -e 's/\r//g' tools/httpd_conf tools/logresolvemerge.pl # SELinux README cp -a %{SOURCE1} README.SELinux @@ -173,6 +173,9 @@ fi %changelog +* Mon Oct 30 2006 Aurelien Bompard 6.6-0.3.beta +- fix DOS encoding on logresolvemerge.pl + * Wed Aug 30 2006 Aurelien Bompard 6.6-0.2.beta - rebuild From 0f887237691a4a0b1a04c6c1e2516922034102d7 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Fri, 3 Nov 2006 07:27:53 +0000 Subject: [PATCH 019/129] fix bug 213803 --- awstats.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index f9c1257..3aa9283 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.6 -Release: 0.3.beta%{?dist} +Release: 0.4.beta%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet @@ -54,7 +54,7 @@ cat <awstats.cron if [ -f %{_localstatedir}/log/httpd/access_log ] ; then exec perl %{_datadir}/awstats/tools/awstats_updateall.pl now \ - -confdir="%{_sysconfdir}/awstats" \ + -configdir="%{_sysconfdir}/awstats" \ -awstatsprog="%{_datadir}/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null fi exit 0 @@ -173,6 +173,9 @@ fi %changelog +* Fri Nov 03 2006 Aurelien Bompard 6.6-0.4.beta +- fix typo in the cron job (bug 213803) + * Mon Oct 30 2006 Aurelien Bompard 6.6-0.3.beta - fix DOS encoding on logresolvemerge.pl From 398ab943577c28189cb887c55817cd2a574dc84e Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 7 Jan 2007 21:24:42 +0000 Subject: [PATCH 020/129] version 6.6 final --- awstats.spec | 9 ++++++--- sources | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/awstats.spec b/awstats.spec index 3aa9283..725b7a9 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,12 @@ Name: awstats Version: 6.6 -Release: 0.4.beta%{?dist} +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -#Source0: http://dl.sf.net/awstats/awstats-6.6.tar.gz -Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz +Source0: http://dl.sf.net/awstats/awstats-6.6.tar.gz +#Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz Source1: awstats.README.SELinux BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -173,6 +173,9 @@ fi %changelog +* Sun Jan 07 2007 Aurelien Bompard 6.6-1 +- version 6.6 final + * Fri Nov 03 2006 Aurelien Bompard 6.6-0.4.beta - fix typo in the cron job (bug 213803) diff --git a/sources b/sources index 1725bff..b661447 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c9b65c5a58011fdb4ec611feec17eee4 awstats-6.6.tar.gz +38e393edb530d409fdf7f79127a7548e awstats-6.6.tar.gz From 101f160a6fe223540b56349d13159a9dba88dc2e Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Mon, 13 Aug 2007 11:47:07 +0000 Subject: [PATCH 021/129] - split SElinux bits in the -selinux package (bug 250637) - use an SElinux module instead of semanage - update to version 6.7 --- .cvsignore | 2 +- awstats-6.7-xmlhistory.patch | 325 +++++++++++++++++++++++++++++++++++ awstats.spec | 80 +++++++-- sources | 2 +- 4 files changed, 388 insertions(+), 21 deletions(-) create mode 100644 awstats-6.7-xmlhistory.patch diff --git a/.cvsignore b/.cvsignore index 7c5881f..20be2b7 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.6.tar.gz +awstats-6.7.tar.gz diff --git a/awstats-6.7-xmlhistory.patch b/awstats-6.7-xmlhistory.patch new file mode 100644 index 0000000..a73750c --- /dev/null +++ b/awstats-6.7-xmlhistory.patch @@ -0,0 +1,325 @@ +--- wwwroot/cgi-bin/awstats.pl 2007/07/07 11:00:05 1.892 ++++ wwwroot/cgi-bin/awstats.pl 2007/07/12 21:38:20 1.894 +@@ -2211,7 +2211,7 @@ + } + + # Analyze fields +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); + if (! $field[0]) { next; } + + # Here version MUST be defined +@@ -2282,7 +2282,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_MISC' || $field[0] eq "${xmleb}END_MISC" || ! $_); + if ($field[0] ne 'END_MISC' && $field[0] ne "${xmleb}END_MISC") { error("History file \"$filetoread\" is corrupted (End of section MISC not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2313,7 +2313,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_CLUSTER' || $field[0] eq "${xmleb}END_CLUSTER" || ! $_); + if ($field[0] ne 'END_CLUSTER' && $field[0] ne "${xmleb}END_CLUSTER") { error("History file \"$filetoread\" is corrupted (End of section CLUSTER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2357,7 +2357,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_TIME' || $field[0] eq "${xmleb}END_TIME" || ! $_); + if ($field[0] ne 'END_TIME' && $field[0] ne "${xmleb}END_TIME") { error("History file \"$filetoread\" is corrupted (End of section TIME not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2396,7 +2396,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_ORIGIN' || $field[0] eq "${xmleb}END_ORIGIN" || ! $_); + if ($field[0] ne 'END_ORIGIN' && $field[0] ne "${xmleb}END_ORIGIN") { error("History file \"$filetoread\" is corrupted (End of section ORIGIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2427,7 +2427,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_DAY' || $field[0] eq "${xmleb}END_DAY" || ! $_); + if ($field[0] ne 'END_DAY' && $field[0] ne "${xmleb}END_DAY") { error("History file \"$filetoread\" is corrupted (End of section DAY not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2534,7 +2534,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_VISITOR' || $field[0] eq "${xmleb}END_VISITOR" || ! $_); + if ($field[0] ne 'END_VISITOR' && $field[0] ne "${xmleb}END_VISITOR") { error("History file \"$filetoread\" is corrupted (End of section VISITOR not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2564,7 +2564,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_UNKNOWNIP' || $field[0] eq "${xmleb}END_UNKNOWNIP" || ! $_); + if ($field[0] ne 'END_UNKNOWNIP' && $field[0] ne "${xmleb}END_UNKNOWNIP") { error("History file \"$filetoread\" is corrupted (End of section UNKOWNIP not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2602,7 +2602,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_LOGIN' || $field[0] eq "${xmleb}END_LOGIN" || ! $_); + if ($field[0] ne 'END_LOGIN' && $field[0] ne "${xmleb}END_LOGIN") { error("History file \"$filetoread\" is corrupted (End of section LOGIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2632,7 +2632,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_DOMAIN' || $field[0] eq "${xmleb}END_DOMAIN" || ! $_); + if ($field[0] ne 'END_DOMAIN' && $field[0] ne "${xmleb}END_DOMAIN") { error("History file \"$filetoread\" is corrupted (End of section DOMAIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2660,7 +2660,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_SESSION' || $field[0] eq "${xmleb}END_SESSION" || ! $_); + if ($field[0] ne 'END_SESSION' && $field[0] ne "${xmleb}END_SESSION") { error("History file \"$filetoread\" is corrupted (End of section SESSION not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2689,7 +2689,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_OS' || $field[0] eq "${xmleb}END_OS" || ! $_); + if ($field[0] ne 'END_OS' && $field[0] ne "${xmleb}END_OS") { error("History file \"$filetoread\" is corrupted (End of section OS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2717,7 +2717,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_BROWSER' || $field[0] eq "${xmleb}END_BROWSER" || ! $_); + if ($field[0] ne 'END_BROWSER' && $field[0] ne "${xmleb}END_BROWSER") { error("History file \"$filetoread\" is corrupted (End of section BROWSER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2745,7 +2745,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_UNKNOWNREFERER' || $field[0] eq "${xmleb}END_UNKNOWNREFERER" || ! $_); + if ($field[0] ne 'END_UNKNOWNREFERER' && $field[0] ne "${xmleb}END_UNKNOWNREFERER") { error("History file \"$filetoread\" is corrupted (End of section UNKNOWNREFERER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2773,7 +2773,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_UNKNOWNREFERERBROWSER' || $field[0] eq "${xmleb}END_UNKNOWNREFERERBROWSER" || ! $_); + if ($field[0] ne 'END_UNKNOWNREFERERBROWSER' && $field[0] ne "${xmleb}END_UNKNOWNREFERERBROWSER") { error("History file \"$filetoread\" is corrupted (End of section UNKNOWNREFERERBROWSER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2801,7 +2801,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_SCREENSIZE' || $field[0] eq "${xmleb}END_SCREENSIZE" || ! $_); + if ($field[0] ne 'END_SCREENSIZE' && $field[0] ne "${xmleb}END_SCREENSIZE") { error("History file \"$filetoread\" is corrupted (End of section SCREENSIZE not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2832,7 +2832,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_ROBOT' || $field[0] eq "${xmleb}END_ROBOT" || ! $_); + if ($field[0] ne 'END_ROBOT' && $field[0] ne "${xmleb}END_ROBOT") { error("History file \"$filetoread\" is corrupted (End of section ROBOT not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2862,7 +2862,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_WORMS' || $field[0] eq "${xmleb}END_WORMS" || ! $_); + if ($field[0] ne 'END_WORMS' && $field[0] ne "${xmleb}END_WORMS") { error("History file \"$filetoread\" is corrupted (End of section WORMS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2892,7 +2892,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_EMAILSENDER' || $field[0] eq "${xmleb}END_EMAILSENDER" || ! $_); + if ($field[0] ne 'END_EMAILSENDER' && $field[0] ne "${xmleb}END_EMAILSENDER") { error("History file \"$filetoread\" is corrupted (End of section EMAILSENDER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2922,7 +2922,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_EMAILRECEIVER' || $field[0] eq "${xmleb}END_EMAILRECEIVER" || ! $_); + if ($field[0] ne 'END_EMAILRECEIVER' && $field[0] ne "${xmleb}END_EMAILRECEIVER") { error("History file \"$filetoread\" is corrupted (End of section EMAILRECEIVER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -2984,7 +2984,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_SIDER' || $field[0] eq "${xmleb}END_SIDER" || ! $_); + if ($field[0] ne 'END_SIDER' && $field[0] ne "${xmleb}END_SIDER") { error("History file \"$filetoread\" is corrupted (End of section SIDER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3016,7 +3016,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_FILETYPES' || $field[0] eq "${xmleb}END_FILETYPES" || ! $_); + if ($field[0] ne 'END_FILETYPES' && $field[0] ne "${xmleb}END_FILETYPES") { error("History file \"$filetoread\" is corrupted (End of section FILETYPES not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3066,7 +3066,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_SEREFERRALS' || $field[0] eq "${xmleb}END_SEREFERRALS" || ! $_); + if ($field[0] ne 'END_SEREFERRALS' && $field[0] ne "${xmleb}END_SEREFERRALS") { error("History file \"$filetoread\" is corrupted (End of section SEREFERRALS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3109,7 +3109,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_PAGEREFS' || $field[0] eq "${xmleb}END_PAGEREFS" || ! $_); + if ($field[0] ne 'END_PAGEREFS' && $field[0] ne "${xmleb}END_PAGEREFS") { error("History file \"$filetoread\" is corrupted (End of section PAGEREFS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3173,7 +3173,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_SEARCHWORDS' || $field[0] eq "${xmleb}END_SEARCHWORDS" || ! $_); + if ($field[0] ne 'END_SEARCHWORDS' && $field[0] ne "${xmleb}END_SEARCHWORDS") { error("History file \"$filetoread\" is corrupted (End of section SEARCHWORDS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3210,7 +3210,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_KEYWORDS' || $field[0] eq "${xmleb}END_KEYWORDS" || ! $_); + if ($field[0] ne 'END_KEYWORDS' && $field[0] ne "${xmleb}END_KEYWORDS") { error("History file \"$filetoread\" is corrupted (End of section KEYWORDS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3239,7 +3239,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq 'END_ERRORS' || $field[0] eq "${xmleb}END_ERRORS" || ! $_); + if ($field[0] ne 'END_ERRORS' && $field[0] ne "${xmleb}END_ERRORS") { error("History file \"$filetoread\" is corrupted (End of section ERRORS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3271,7 +3271,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq "END_SIDER_$code" || $field[0] eq "${xmleb}END_SIDER_$code" || ! $_); + if ($field[0] ne "END_SIDER_$code" && $field[0] ne "${xmleb}END_SIDER_$code") { error("History file \"$filetoread\" is corrupted (End of section SIDER_$code not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3304,7 +3304,7 @@ + } + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq "END_EXTRA_$extranum" || $field[0] eq "${xmleb}END_EXTRA_$extranum" || ! $_); + if ($field[0] ne "END_EXTRA_$extranum" && $field[0] ne "${xmleb}END_EXTRA_$extranum") { error("History file \"$filetoread\" is corrupted (End of section EXTRA_$extranum not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } +@@ -3352,7 +3352,7 @@ + do { + $_=; + chomp $_; s/\r//; +- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; ++ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; + } + until ($field[0] eq "END_PLUGIN_$pluginname" || $field[0] eq "${xmleb}END_PLUGIN_$pluginname" || ! $_); + } +@@ -3811,13 +3811,13 @@ + $keysinkeylist{$_}=1; + my $newkey=$_; + $newkey =~ s/([^:])\/\//$1\//g; # Because some targeted url were taped with 2 / (Ex: //rep//file.htm). We must keep http://rep/file.htm +- print HISTORYTMP "${xmlrb}$newkey${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; ++ print HISTORYTMP "${xmlrb}".XMLEncodeForHisto($newkey)."${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; + } + foreach (keys %_url_p) { + if ($keysinkeylist{$_}) { next; } + my $newkey=$_; + $newkey =~ s/([^:])\/\//$1\//g; # Because some targeted url were taped with 2 / (Ex: //rep//file.htm). We must keep http://rep/file.htm +- print HISTORYTMP "${xmlrb}$newkey ".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; ++ print HISTORYTMP "${xmlrb}".XMLEncodeForHisto($newkey)."${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; + } + print HISTORYTMP "${xmleb}END_SIDER${xmlee}\n"; + } +@@ -4340,7 +4340,8 @@ + } + + #------------------------------------------------------------------------------ +-# Function: Transforms spaces into %20 and special chars by entities as needed in XML/XHTML ++# Function: Transforms spaces into %20 and special chars by HTML entities as needed in XML/XHTML ++# Decoding is done by XMLDecodeFromHisto + # Parameters: stringtoencode + # Return: encodedstring + #------------------------------------------------------------------------------ +@@ -4348,6 +4349,7 @@ + my $string = shift; + $string =~ s/\s/%20/g; + if ($BuildHistoryFormat ne 'xml') { return $string; } ++ $string =~ s/=/%3d/g; + $string =~ s/&/&/g; + $string =~ s//>/g; +@@ -4445,10 +4447,16 @@ + # Output: None + # Return: decodedstring + #------------------------------------------------------------------------------ +-sub CleanFromTags { ++sub XMLDecodeFromHisto { + my $stringtoclean=shift; + $stringtoclean =~ s/$regclean1/ /g; # Replace or with space +- $stringtoclean =~ s/$regclean2//g; # Remove ++ $stringtoclean =~ s/$regclean2//g; # Remove others ++ $stringtoclean =~ s/%3d/=/g; ++ $stringtoclean =~ s/&/&/g; ++ $stringtoclean =~ s/<//g; ++ $stringtoclean =~ s/"/\"/g; ++ $stringtoclean =~ s/'/\'/g; + return $stringtoclean; + } + diff --git a/awstats.spec b/awstats.spec index 725b7a9..79f2c66 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,19 +1,25 @@ Name: awstats -Version: 6.6 +Version: 6.7 Release: 1%{?dist} Summary: Advanced Web Statistics License: GPL Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-6.6.tar.gz +Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz Source1: awstats.README.SELinux + +# Fix pb in xml output for history files +# http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.892&r2=1.894&view=patch +Patch0: awstats-6.7-xmlhistory.patch + BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: checkpolicy, selinux-policy-devel Requires: httpd Requires: perl -Requires(post): perl, policycoreutils -Requires(postun): /sbin/service, policycoreutils +Requires(post): perl +Requires(postun): /sbin/service %description Advanced Web Statistics is a powerful and featureful tool that generates @@ -31,9 +37,23 @@ The program also supports virtual servers, plugins and a lot of features. With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl +%package selinux +Summary: SELinux support for Awstats +Group: Applications/Internet +Requires: %{name} = %{version} +Requires(post): policycoreutils +Requires(preun): policycoreutils +Requires(postun): policycoreutils + +%description selinux +This package adds SELinux enforcement to AWstats. + %prep %setup -q +# No backup or it will be installed +#%%patch0 -p0 -b .xmlhistory +%patch0 -p0 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -43,6 +63,7 @@ find tools/xslt -type f | xargs chmod -x perl -pi -e 's/\r//g' tools/httpd_conf tools/logresolvemerge.pl # SELinux README cp -a %{SOURCE1} README.SELinux +mkdir selinux %install @@ -111,6 +132,15 @@ echo "# Additional Perl modules # Cron job install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} +# SELinux support +cd selinux +echo 'policy_module(%{name}, 1.0)' > %{name}.te +echo '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_exec_t:s0' > %{name}.fc +echo '%{_localstatedir}/lib/awstats(/.*)? system_u:object_r:httpd_sys_script_rw_t:s0' >> %{name}.fc +touch %{name}.if +make -f %{_datadir}/selinux/devel/Makefile +install -p -m 644 -D %{name}.pp $RPM_BUILD_ROOT%{_datadir}/selinux/packages/%{name}/%{name}.pp + %clean rm -rf $RPM_BUILD_ROOT @@ -125,27 +155,29 @@ if [ $1 -eq 1 ]; then ' > %{_sysconfdir}/%{name}/%{name}.`hostname`.conf || : fi fi -### SELinux support ### -# Set SELinux file_context -semanage fcontext -a -t httpd_sys_script_exec_t \ - '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : -semanage fcontext -a -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || : -# Actually change the context -chcon -R -t httpd_sys_script_exec_t %{_datadir}/awstats/wwwroot/cgi-bin || : -chcon -R -t httpd_sys_script_rw_t %{_localstatedir}/lib/awstats || : - %postun if [ $1 -ne 0 ]; then /sbin/service httpd condrestart >/dev/null 2>&1 fi -# SELinux support -if [ $1 -eq 0 ]; then - semanage fcontext -d -t httpd_sys_script_exec_t \ - '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || : - semanage fcontext -d -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || : + +%post selinux +if [ "$1" -le "1" ]; then # Fist install + semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp 2>/dev/null || : + fixfiles -R %{name} restore fi +%preun selinux +if [ "$1" -lt "1" ]; then # Final removal + semodule -r %{name} 2>/dev/null || : + fixfiles -R %{name} restore +fi + +%postun selinux +if [ "$1" -ge "1" ]; then # Upgrade + # Replaces the module if it is already loaded + semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp 2>/dev/null || : +fi %files @@ -161,7 +193,7 @@ fi %{_datadir}/%{name}/wwwroot/cgi-bin # Different defattr to fix lots of files which should not be +x. %defattr(644,root,root,755) -%doc README.TXT docs/* README.SELinux +%doc README.TXT docs/* %{_datadir}/%{name}/lang %{_datadir}/%{name}/lib %{_datadir}/%{name}/plugins @@ -171,8 +203,18 @@ fi %{_datadir}/%{name}/wwwroot/js +%files selinux +%defattr(644, root, root, 755) +%doc README.SELinux +%{_datadir}/selinux/packages/%{name}/%{name}.pp + %changelog +* Mon Aug 13 2007 Aurelien Bompard 6.7-1 +- split SElinux bits in the -selinux package (bug 250637) +- use an SElinux module instead of semanage +- update to version 6.7 + * Sun Jan 07 2007 Aurelien Bompard 6.6-1 - version 6.6 final diff --git a/sources b/sources index b661447..89dc12a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -38e393edb530d409fdf7f79127a7548e awstats-6.6.tar.gz +512cd146247eb178ef023c924f7bb766 awstats-6.7.tar.gz From 5298e18897c5e63ce0d2255322648817d935a0c4 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 26 Aug 2007 08:53:18 +0000 Subject: [PATCH 022/129] fix license tag --- awstats.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 79f2c66..72ffed4 100644 --- a/awstats.spec +++ b/awstats.spec @@ -2,7 +2,7 @@ Name: awstats Version: 6.7 Release: 1%{?dist} Summary: Advanced Web Statistics -License: GPL +License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz From bfe7b8b946eb014a7001620d7c6a5191a000de57 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sun, 2 Dec 2007 17:01:51 +0000 Subject: [PATCH 023/129] - awstats does not actually require httpd (bug 406901) --- awstats.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 72ffed4..76fc2c7 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.7 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -16,7 +16,6 @@ Patch0: awstats-6.7-xmlhistory.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: checkpolicy, selinux-policy-devel -Requires: httpd Requires: perl Requires(post): perl Requires(postun): /sbin/service @@ -210,6 +209,9 @@ fi %changelog +* Sun Dec 02 2007 Aurelien Bompard 6.7-2 +- awstats does not actually require httpd (bug 406901) + * Mon Aug 13 2007 Aurelien Bompard 6.7-1 - split SElinux bits in the -selinux package (bug 250637) - use an SElinux module instead of semanage From ce1806098f1e4c49a7c86145c39d5de19e4119d2 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sat, 15 Mar 2008 15:03:04 +0000 Subject: [PATCH 024/129] - SELinux policy is included upstream - Fix cron job (bug 435101) --- awstats.README.SELinux | 35 +++-------------------- awstats.spec | 65 ++++++++++++++++-------------------------- 2 files changed, 29 insertions(+), 71 deletions(-) diff --git a/awstats.README.SELinux b/awstats.README.SELinux index 2d29be3..efb6ff4 100644 --- a/awstats.README.SELinux +++ b/awstats.README.SELinux @@ -2,34 +2,7 @@ SELinux support in AWStats ========================== - -What is the problem ? ---------------------- - -AWStats is a CGI script, and needs to be labelled correctly to be called -from Apache. -The files in ``/usr/share/awstats/wwwroot/cgi-bin`` need to have the -``httpd_sys_script_exec_t`` type, and the databases files in -``/var/lib/awstats`` need to have the ``httpd_sys_script_rw_t`` type. - - -How do we solve it ? --------------------- - -You can change the type with the ``chcon`` command:: - - chcon -R -t httpd_sys_script_exec_t /usr/share/awstats/wwwroot/cgi-bin - chcon -R -t httpd_sys_script_rw_t /var/lib/awstats - -But these modifications will be lost if the system is relabeled (you can -request a relabel with the system-config-security tool). - -To make these changes permanent, this package sets the contexts by running -the following commands:: - - semanage fcontext -a -t httpd_sys_script_exec_t \ - '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' - semanage fcontext -a -t httpd_sys_script_rw_t '/var/lib/awstats(/.*)?' - - -Please send your bug reports (if any ;) ) to https://bugzilla.redhat.com +SELinux support for AWStats used to be provided by this package, but is now +included in the main SELinux policy. This package is only there to help you +move to the upstream module. +You can now safely remove it diff --git a/awstats.spec b/awstats.spec index 76fc2c7..83c1d4e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.7 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -15,11 +15,15 @@ Patch0: awstats-6.7-xmlhistory.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildRequires: checkpolicy, selinux-policy-devel Requires: perl Requires(post): perl Requires(postun): /sbin/service +## SELinux policy is now included upstream +#Obsoletes: awstats-selinux <= 6.7-2 +#Provides: awstats-selinux = %{version}-%{release} + + %description Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works @@ -36,16 +40,15 @@ The program also supports virtual servers, plugins and a lot of features. With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl + %package selinux Summary: SELinux support for Awstats Group: Applications/Internet Requires: %{name} = %{version} -Requires(post): policycoreutils -Requires(preun): policycoreutils -Requires(postun): policycoreutils +Requires(postun): policycoreutils, selinux-policy %description selinux -This package adds SELinux enforcement to AWstats. +This package helps moving to the upstream SELinux module. %prep @@ -62,7 +65,6 @@ find tools/xslt -type f | xargs chmod -x perl -pi -e 's/\r//g' tools/httpd_conf tools/logresolvemerge.pl # SELinux README cp -a %{SOURCE1} README.SELinux -mkdir selinux %install @@ -71,12 +73,9 @@ rm -rf $RPM_BUILD_ROOT ### Create cron job cat <awstats.cron #!/bin/bash - -if [ -f %{_localstatedir}/log/httpd/access_log ] ; then - exec perl %{_datadir}/awstats/tools/awstats_updateall.pl now \ - -configdir="%{_sysconfdir}/awstats" \ - -awstatsprog="%{_datadir}/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null -fi +exec %{_datadir}/awstats/tools/awstats_updateall.pl now \ + -configdir="%{_sysconfdir}/awstats" \ + -awstatsprog="%{_datadir}/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null exit 0 EOF @@ -131,15 +130,6 @@ echo "# Additional Perl modules # Cron job install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} -# SELinux support -cd selinux -echo 'policy_module(%{name}, 1.0)' > %{name}.te -echo '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_exec_t:s0' > %{name}.fc -echo '%{_localstatedir}/lib/awstats(/.*)? system_u:object_r:httpd_sys_script_rw_t:s0' >> %{name}.fc -touch %{name}.if -make -f %{_datadir}/selinux/devel/Makefile -install -p -m 644 -D %{name}.pp $RPM_BUILD_ROOT%{_datadir}/selinux/packages/%{name}/%{name}.pp - %clean rm -rf $RPM_BUILD_ROOT @@ -161,28 +151,21 @@ if [ $1 -ne 0 ]; then fi %post selinux -if [ "$1" -le "1" ]; then # Fist install - semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp 2>/dev/null || : - fixfiles -R %{name} restore -fi - -%preun selinux -if [ "$1" -lt "1" ]; then # Final removal - semodule -r %{name} 2>/dev/null || : - fixfiles -R %{name} restore -fi - -%postun selinux -if [ "$1" -ge "1" ]; then # Upgrade - # Replaces the module if it is already loaded - semodule -i %{_datadir}/selinux/packages/%{name}/%{name}.pp 2>/dev/null || : +if selinuxenabled; then + # Replace the module by the upstream one + . /etc/selinux/config 2>/dev/null || : + semodule -i %{_datadir}/selinux/$SELINUXTYPE/%{name}.pp 2>/dev/null || : + # relabel files + fixfiles -R %{name} restore || : + # relabel data + restorecon -R %{_localstatedir}/lib/%{name} || : fi %files %defattr(-,root,root,755) # Apache configuration file -%config %{_sysconfdir}/httpd/conf.d/%{name}.conf +%config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf %config(noreplace) %attr(755,root,root) %{_sysconfdir}/cron.hourly/%{name} %config(noreplace) %{_sysconfdir}/%{name}/ %{_localstatedir}/lib/%{name} @@ -201,14 +184,16 @@ fi %{_datadir}/%{name}/wwwroot/icon %{_datadir}/%{name}/wwwroot/js - %files selinux %defattr(644, root, root, 755) %doc README.SELinux -%{_datadir}/selinux/packages/%{name}/%{name}.pp %changelog +* Fri Mar 14 2008 Aurelien Bompard 6.7-3 +- SELinux policy is included upstream +- Fix cron job (bug 435101) + * Sun Dec 02 2007 Aurelien Bompard 6.7-2 - awstats does not actually require httpd (bug 406901) From 6e8ffcee0907562430c412e8e579e5ba272e20ee Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Mon, 21 Jul 2008 21:11:08 +0000 Subject: [PATCH 025/129] - version 6.8 --- .cvsignore | 2 +- awstats-6.7-xmlhistory.patch | 325 ----------------------------------- awstats.README.SELinux | 8 - awstats.spec | 51 ++---- sources | 2 +- 5 files changed, 13 insertions(+), 375 deletions(-) delete mode 100644 awstats-6.7-xmlhistory.patch delete mode 100644 awstats.README.SELinux diff --git a/.cvsignore b/.cvsignore index 20be2b7..fe295bb 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.7.tar.gz +awstats-6.8.tar.gz diff --git a/awstats-6.7-xmlhistory.patch b/awstats-6.7-xmlhistory.patch deleted file mode 100644 index a73750c..0000000 --- a/awstats-6.7-xmlhistory.patch +++ /dev/null @@ -1,325 +0,0 @@ ---- wwwroot/cgi-bin/awstats.pl 2007/07/07 11:00:05 1.892 -+++ wwwroot/cgi-bin/awstats.pl 2007/07/12 21:38:20 1.894 -@@ -2211,7 +2211,7 @@ - } - - # Analyze fields -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); - if (! $field[0]) { next; } - - # Here version MUST be defined -@@ -2282,7 +2282,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_MISC' || $field[0] eq "${xmleb}END_MISC" || ! $_); - if ($field[0] ne 'END_MISC' && $field[0] ne "${xmleb}END_MISC") { error("History file \"$filetoread\" is corrupted (End of section MISC not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2313,7 +2313,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_CLUSTER' || $field[0] eq "${xmleb}END_CLUSTER" || ! $_); - if ($field[0] ne 'END_CLUSTER' && $field[0] ne "${xmleb}END_CLUSTER") { error("History file \"$filetoread\" is corrupted (End of section CLUSTER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2357,7 +2357,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_TIME' || $field[0] eq "${xmleb}END_TIME" || ! $_); - if ($field[0] ne 'END_TIME' && $field[0] ne "${xmleb}END_TIME") { error("History file \"$filetoread\" is corrupted (End of section TIME not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2396,7 +2396,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_ORIGIN' || $field[0] eq "${xmleb}END_ORIGIN" || ! $_); - if ($field[0] ne 'END_ORIGIN' && $field[0] ne "${xmleb}END_ORIGIN") { error("History file \"$filetoread\" is corrupted (End of section ORIGIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2427,7 +2427,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_DAY' || $field[0] eq "${xmleb}END_DAY" || ! $_); - if ($field[0] ne 'END_DAY' && $field[0] ne "${xmleb}END_DAY") { error("History file \"$filetoread\" is corrupted (End of section DAY not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2534,7 +2534,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_VISITOR' || $field[0] eq "${xmleb}END_VISITOR" || ! $_); - if ($field[0] ne 'END_VISITOR' && $field[0] ne "${xmleb}END_VISITOR") { error("History file \"$filetoread\" is corrupted (End of section VISITOR not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2564,7 +2564,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_UNKNOWNIP' || $field[0] eq "${xmleb}END_UNKNOWNIP" || ! $_); - if ($field[0] ne 'END_UNKNOWNIP' && $field[0] ne "${xmleb}END_UNKNOWNIP") { error("History file \"$filetoread\" is corrupted (End of section UNKOWNIP not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2602,7 +2602,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_LOGIN' || $field[0] eq "${xmleb}END_LOGIN" || ! $_); - if ($field[0] ne 'END_LOGIN' && $field[0] ne "${xmleb}END_LOGIN") { error("History file \"$filetoread\" is corrupted (End of section LOGIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2632,7 +2632,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_DOMAIN' || $field[0] eq "${xmleb}END_DOMAIN" || ! $_); - if ($field[0] ne 'END_DOMAIN' && $field[0] ne "${xmleb}END_DOMAIN") { error("History file \"$filetoread\" is corrupted (End of section DOMAIN not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2660,7 +2660,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_SESSION' || $field[0] eq "${xmleb}END_SESSION" || ! $_); - if ($field[0] ne 'END_SESSION' && $field[0] ne "${xmleb}END_SESSION") { error("History file \"$filetoread\" is corrupted (End of section SESSION not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2689,7 +2689,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_OS' || $field[0] eq "${xmleb}END_OS" || ! $_); - if ($field[0] ne 'END_OS' && $field[0] ne "${xmleb}END_OS") { error("History file \"$filetoread\" is corrupted (End of section OS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2717,7 +2717,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_BROWSER' || $field[0] eq "${xmleb}END_BROWSER" || ! $_); - if ($field[0] ne 'END_BROWSER' && $field[0] ne "${xmleb}END_BROWSER") { error("History file \"$filetoread\" is corrupted (End of section BROWSER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2745,7 +2745,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_UNKNOWNREFERER' || $field[0] eq "${xmleb}END_UNKNOWNREFERER" || ! $_); - if ($field[0] ne 'END_UNKNOWNREFERER' && $field[0] ne "${xmleb}END_UNKNOWNREFERER") { error("History file \"$filetoread\" is corrupted (End of section UNKNOWNREFERER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2773,7 +2773,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_UNKNOWNREFERERBROWSER' || $field[0] eq "${xmleb}END_UNKNOWNREFERERBROWSER" || ! $_); - if ($field[0] ne 'END_UNKNOWNREFERERBROWSER' && $field[0] ne "${xmleb}END_UNKNOWNREFERERBROWSER") { error("History file \"$filetoread\" is corrupted (End of section UNKNOWNREFERERBROWSER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2801,7 +2801,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_SCREENSIZE' || $field[0] eq "${xmleb}END_SCREENSIZE" || ! $_); - if ($field[0] ne 'END_SCREENSIZE' && $field[0] ne "${xmleb}END_SCREENSIZE") { error("History file \"$filetoread\" is corrupted (End of section SCREENSIZE not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2832,7 +2832,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_ROBOT' || $field[0] eq "${xmleb}END_ROBOT" || ! $_); - if ($field[0] ne 'END_ROBOT' && $field[0] ne "${xmleb}END_ROBOT") { error("History file \"$filetoread\" is corrupted (End of section ROBOT not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2862,7 +2862,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_WORMS' || $field[0] eq "${xmleb}END_WORMS" || ! $_); - if ($field[0] ne 'END_WORMS' && $field[0] ne "${xmleb}END_WORMS") { error("History file \"$filetoread\" is corrupted (End of section WORMS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2892,7 +2892,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_EMAILSENDER' || $field[0] eq "${xmleb}END_EMAILSENDER" || ! $_); - if ($field[0] ne 'END_EMAILSENDER' && $field[0] ne "${xmleb}END_EMAILSENDER") { error("History file \"$filetoread\" is corrupted (End of section EMAILSENDER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2922,7 +2922,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_EMAILRECEIVER' || $field[0] eq "${xmleb}END_EMAILRECEIVER" || ! $_); - if ($field[0] ne 'END_EMAILRECEIVER' && $field[0] ne "${xmleb}END_EMAILRECEIVER") { error("History file \"$filetoread\" is corrupted (End of section EMAILRECEIVER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -2984,7 +2984,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_SIDER' || $field[0] eq "${xmleb}END_SIDER" || ! $_); - if ($field[0] ne 'END_SIDER' && $field[0] ne "${xmleb}END_SIDER") { error("History file \"$filetoread\" is corrupted (End of section SIDER not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3016,7 +3016,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_FILETYPES' || $field[0] eq "${xmleb}END_FILETYPES" || ! $_); - if ($field[0] ne 'END_FILETYPES' && $field[0] ne "${xmleb}END_FILETYPES") { error("History file \"$filetoread\" is corrupted (End of section FILETYPES not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3066,7 +3066,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_SEREFERRALS' || $field[0] eq "${xmleb}END_SEREFERRALS" || ! $_); - if ($field[0] ne 'END_SEREFERRALS' && $field[0] ne "${xmleb}END_SEREFERRALS") { error("History file \"$filetoread\" is corrupted (End of section SEREFERRALS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3109,7 +3109,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_PAGEREFS' || $field[0] eq "${xmleb}END_PAGEREFS" || ! $_); - if ($field[0] ne 'END_PAGEREFS' && $field[0] ne "${xmleb}END_PAGEREFS") { error("History file \"$filetoread\" is corrupted (End of section PAGEREFS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3173,7 +3173,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_SEARCHWORDS' || $field[0] eq "${xmleb}END_SEARCHWORDS" || ! $_); - if ($field[0] ne 'END_SEARCHWORDS' && $field[0] ne "${xmleb}END_SEARCHWORDS") { error("History file \"$filetoread\" is corrupted (End of section SEARCHWORDS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3210,7 +3210,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_KEYWORDS' || $field[0] eq "${xmleb}END_KEYWORDS" || ! $_); - if ($field[0] ne 'END_KEYWORDS' && $field[0] ne "${xmleb}END_KEYWORDS") { error("History file \"$filetoread\" is corrupted (End of section KEYWORDS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3239,7 +3239,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq 'END_ERRORS' || $field[0] eq "${xmleb}END_ERRORS" || ! $_); - if ($field[0] ne 'END_ERRORS' && $field[0] ne "${xmleb}END_ERRORS") { error("History file \"$filetoread\" is corrupted (End of section ERRORS not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3271,7 +3271,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq "END_SIDER_$code" || $field[0] eq "${xmleb}END_SIDER_$code" || ! $_); - if ($field[0] ne "END_SIDER_$code" && $field[0] ne "${xmleb}END_SIDER_$code") { error("History file \"$filetoread\" is corrupted (End of section SIDER_$code not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3304,7 +3304,7 @@ - } - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq "END_EXTRA_$extranum" || $field[0] eq "${xmleb}END_EXTRA_$extranum" || ! $_); - if ($field[0] ne "END_EXTRA_$extranum" && $field[0] ne "${xmleb}END_EXTRA_$extranum") { error("History file \"$filetoread\" is corrupted (End of section EXTRA_$extranum not found).\nRestore a recent backup of this file (data for this month will be restored to backup date), remove it (data for month will be lost), or remove the corrupted section in file (data for at least this section will be lost).","","",1); } -@@ -3352,7 +3352,7 @@ - do { - $_=; - chomp $_; s/\r//; -- @field=split(/\s+/,($readxml?CleanFromTags($_):$_)); $countlines++; -+ @field=split(/\s+/,($readxml?XMLDecodeFromHisto($_):$_)); $countlines++; - } - until ($field[0] eq "END_PLUGIN_$pluginname" || $field[0] eq "${xmleb}END_PLUGIN_$pluginname" || ! $_); - } -@@ -3811,13 +3811,13 @@ - $keysinkeylist{$_}=1; - my $newkey=$_; - $newkey =~ s/([^:])\/\//$1\//g; # Because some targeted url were taped with 2 / (Ex: //rep//file.htm). We must keep http://rep/file.htm -- print HISTORYTMP "${xmlrb}$newkey${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; -+ print HISTORYTMP "${xmlrb}".XMLEncodeForHisto($newkey)."${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; - } - foreach (keys %_url_p) { - if ($keysinkeylist{$_}) { next; } - my $newkey=$_; - $newkey =~ s/([^:])\/\//$1\//g; # Because some targeted url were taped with 2 / (Ex: //rep//file.htm). We must keep http://rep/file.htm -- print HISTORYTMP "${xmlrb}$newkey ".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; -+ print HISTORYTMP "${xmlrb}".XMLEncodeForHisto($newkey)."${xmlrs}".int($_url_p{$_}||0)."${xmlrs}".int($_url_k{$_}||0)."${xmlrs}".int($_url_e{$_}||0)."${xmlrs}".int($_url_x{$_}||0)."${xmlre}\n"; - } - print HISTORYTMP "${xmleb}END_SIDER${xmlee}\n"; - } -@@ -4340,7 +4340,8 @@ - } - - #------------------------------------------------------------------------------ --# Function: Transforms spaces into %20 and special chars by entities as needed in XML/XHTML -+# Function: Transforms spaces into %20 and special chars by HTML entities as needed in XML/XHTML -+# Decoding is done by XMLDecodeFromHisto - # Parameters: stringtoencode - # Return: encodedstring - #------------------------------------------------------------------------------ -@@ -4348,6 +4349,7 @@ - my $string = shift; - $string =~ s/\s/%20/g; - if ($BuildHistoryFormat ne 'xml') { return $string; } -+ $string =~ s/=/%3d/g; - $string =~ s/&/&/g; - $string =~ s//>/g; -@@ -4445,10 +4447,16 @@ - # Output: None - # Return: decodedstring - #------------------------------------------------------------------------------ --sub CleanFromTags { -+sub XMLDecodeFromHisto { - my $stringtoclean=shift; - $stringtoclean =~ s/$regclean1/ /g; # Replace or with space -- $stringtoclean =~ s/$regclean2//g; # Remove -+ $stringtoclean =~ s/$regclean2//g; # Remove others -+ $stringtoclean =~ s/%3d/=/g; -+ $stringtoclean =~ s/&/&/g; -+ $stringtoclean =~ s/<//g; -+ $stringtoclean =~ s/"/\"/g; -+ $stringtoclean =~ s/'/\'/g; - return $stringtoclean; - } - diff --git a/awstats.README.SELinux b/awstats.README.SELinux deleted file mode 100644 index efb6ff4..0000000 --- a/awstats.README.SELinux +++ /dev/null @@ -1,8 +0,0 @@ -========================== -SELinux support in AWStats -========================== - -SELinux support for AWStats used to be provided by this package, but is now -included in the main SELinux policy. This package is only there to help you -move to the upstream module. -You can now safely remove it diff --git a/awstats.spec b/awstats.spec index 83c1d4e..e49be77 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,27 +1,23 @@ Name: awstats -Version: 6.7 -Release: 3%{?dist} +Version: 6.8 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz -Source1: awstats.README.SELinux - -# Fix pb in xml output for history files -# http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.892&r2=1.894&view=patch -Patch0: awstats-6.7-xmlhistory.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: recode Requires: perl Requires(post): perl Requires(postun): /sbin/service ## SELinux policy is now included upstream -#Obsoletes: awstats-selinux <= 6.7-2 -#Provides: awstats-selinux = %{version}-%{release} +Obsoletes: awstats-selinux < 6.8-1 +Provides: awstats-selinux = %{version}-%{release} %description @@ -41,30 +37,17 @@ With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl -%package selinux -Summary: SELinux support for Awstats -Group: Applications/Internet -Requires: %{name} = %{version} -Requires(postun): policycoreutils, selinux-policy - -%description selinux -This package helps moving to the upstream SELinux module. - - %prep %setup -q -# No backup or it will be installed -#%%patch0 -p0 -b .xmlhistory -%patch0 -p0 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. chmod -x tools/httpd_conf find tools/xslt -type f | xargs chmod -x # Remove \r in conf file (file written on MS Windows) -perl -pi -e 's/\r//g' tools/httpd_conf tools/logresolvemerge.pl -# SELinux README -cp -a %{SOURCE1} README.SELinux +perl -pi -e 's/\r//g' docs/COPYING.TXT docs/LICENSE.TXT docs/pad_awstats.xml docs/awstats_changelog.txt docs/styles.css tools/httpd_conf tools/logresolvemerge.pl tools/awstats_exportlib.pl tools/awstats_buildstaticpages.pl tools/maillogconvert.pl tools/urlaliasbuilder.pl wwwroot/cgi-bin/awredir.pl +# Encoding +recode ISO-8859-1..UTF-8 docs/awstats_changelog.txt %install @@ -150,17 +133,6 @@ if [ $1 -ne 0 ]; then /sbin/service httpd condrestart >/dev/null 2>&1 fi -%post selinux -if selinuxenabled; then - # Replace the module by the upstream one - . /etc/selinux/config 2>/dev/null || : - semodule -i %{_datadir}/selinux/$SELINUXTYPE/%{name}.pp 2>/dev/null || : - # relabel files - fixfiles -R %{name} restore || : - # relabel data - restorecon -R %{_localstatedir}/lib/%{name} || : -fi - %files %defattr(-,root,root,755) @@ -184,12 +156,11 @@ fi %{_datadir}/%{name}/wwwroot/icon %{_datadir}/%{name}/wwwroot/js -%files selinux -%defattr(644, root, root, 755) -%doc README.SELinux - %changelog +* Mon Jul 21 2008 Aurelien Bompard 6.8-1 +- version 6.8 + * Fri Mar 14 2008 Aurelien Bompard 6.7-3 - SELinux policy is included upstream - Fix cron job (bug 435101) diff --git a/sources b/sources index 89dc12a..bb02ebc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -512cd146247eb178ef023c924f7bb766 awstats-6.7.tar.gz +1a35d5a2ca29b31dabd650f3e5f173e9 awstats-6.8.tar.gz From fcde86813466bf06c6a854539558ab35a91f67d6 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sat, 23 Aug 2008 06:00:04 +0000 Subject: [PATCH 026/129] - Add upstream patch for CVE-2008-3714 --- awstats-6.8-CVE-2008-3714.patch | 43 +++++++++++++++++++++++++++++++++ awstats.spec | 10 +++++++- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 awstats-6.8-CVE-2008-3714.patch diff --git a/awstats-6.8-CVE-2008-3714.patch b/awstats-6.8-CVE-2008-3714.patch new file mode 100644 index 0000000..3de2f54 --- /dev/null +++ b/awstats-6.8-CVE-2008-3714.patch @@ -0,0 +1,43 @@ +--- awstats.pl 2008/04/21 21:13:28 1.910 ++++ awstats.pl 2008/07/27 17:44:11 1.912 +@@ -6,7 +6,7 @@ + # line or a browser to read report results. + # See AWStats documentation (in docs/ directory) for all setup instructions. + #------------------------------------------------------------------------------ +-# $Revision: 1.910 $ - $Author: eldy $ - $Date: 2008/04/21 21:13:28 $ ++# $Revision: 1.912 $ - $Author: eldy $ - $Date: 2008/07/27 17:44:11 $ + require 5.005; + + #$|=1; +@@ -21,8 +21,8 @@ + # Defines + #------------------------------------------------------------------------------ + use vars qw/ $REVISION $VERSION /; +-$REVISION='$Revision: 1.910 $'; $REVISION =~ /\s(.*)\s/; $REVISION=$1; +-$VERSION="6.8 (build $REVISION)"; ++$REVISION='$Revision: 1.912 $'; $REVISION =~ /\s(.*)\s/; $REVISION=$1; ++$VERSION="6.9 (build $REVISION)"; + + # ----- Constants ----- + use vars qw/ +@@ -4406,6 +4406,7 @@ + sub DecodeEncodedString { + my $stringtodecode=shift; + $stringtodecode =~ tr/\+/ /s; ++ $stringtodecode =~ s/%22//g; + $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; + return $stringtodecode; + } +@@ -4458,9 +4459,12 @@ + #------------------------------------------------------------------------------ + sub CleanXSS { + my $stringtoclean=shift; ++ # To avoid html tags and javascript + $stringtoclean =~ s//>/g; + $stringtoclean =~ s/|//g; ++ # To avoid onload=" ++ $stringtoclean =~ s/onload//g; + return $stringtoclean; + } + diff --git a/awstats.spec b/awstats.spec index e49be77..11815ca 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,12 +1,14 @@ Name: awstats Version: 6.8 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz +# http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.910&r2=1.912&view=patch +Patch0: awstats-6.8-CVE-2008-3714.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -39,6 +41,9 @@ http://localhost/awstats/awstats.pl %prep %setup -q +pushd wwwroot/cgi-bin/ +%patch0 -p0 -b .CVE-2008-3714 +popd # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -158,6 +163,9 @@ fi %changelog +* Sat Aug 23 2008 Aurelien Bompard 6.8-2 +- Add upstream patch for CVE-2008-3714 + * Mon Jul 21 2008 Aurelien Bompard 6.8-1 - version 6.8 From 2fa8fd4d3b3ac4fd6f7264fa6fede5e9d183669a Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Sat, 6 Dec 2008 09:32:21 +0000 Subject: [PATCH 027/129] - Use Debian's patch for CVE-2008-3714 (rh#474396) --- awstats-6.8-CVE-2008-3714-debian.patch | 11 +++++++ awstats-6.8-CVE-2008-3714.patch | 43 -------------------------- awstats.spec | 9 +++--- 3 files changed, 16 insertions(+), 47 deletions(-) create mode 100644 awstats-6.8-CVE-2008-3714-debian.patch delete mode 100644 awstats-6.8-CVE-2008-3714.patch diff --git a/awstats-6.8-CVE-2008-3714-debian.patch b/awstats-6.8-CVE-2008-3714-debian.patch new file mode 100644 index 0000000..9111eb3 --- /dev/null +++ b/awstats-6.8-CVE-2008-3714-debian.patch @@ -0,0 +1,11 @@ +diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl +--- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 2008-12-06 10:19:42.000000000 +0100 ++++ ./wwwroot/cgi-bin/awstats.pl 2008-12-06 10:21:01.000000000 +0100 +@@ -4407,6 +4407,7 @@ sub DecodeEncodedString { + my $stringtodecode=shift; + $stringtodecode =~ tr/\+/ /s; + $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; ++ $stringtodecode =~ s/["']//g; + return $stringtodecode; + } + diff --git a/awstats-6.8-CVE-2008-3714.patch b/awstats-6.8-CVE-2008-3714.patch deleted file mode 100644 index 3de2f54..0000000 --- a/awstats-6.8-CVE-2008-3714.patch +++ /dev/null @@ -1,43 +0,0 @@ ---- awstats.pl 2008/04/21 21:13:28 1.910 -+++ awstats.pl 2008/07/27 17:44:11 1.912 -@@ -6,7 +6,7 @@ - # line or a browser to read report results. - # See AWStats documentation (in docs/ directory) for all setup instructions. - #------------------------------------------------------------------------------ --# $Revision: 1.910 $ - $Author: eldy $ - $Date: 2008/04/21 21:13:28 $ -+# $Revision: 1.912 $ - $Author: eldy $ - $Date: 2008/07/27 17:44:11 $ - require 5.005; - - #$|=1; -@@ -21,8 +21,8 @@ - # Defines - #------------------------------------------------------------------------------ - use vars qw/ $REVISION $VERSION /; --$REVISION='$Revision: 1.910 $'; $REVISION =~ /\s(.*)\s/; $REVISION=$1; --$VERSION="6.8 (build $REVISION)"; -+$REVISION='$Revision: 1.912 $'; $REVISION =~ /\s(.*)\s/; $REVISION=$1; -+$VERSION="6.9 (build $REVISION)"; - - # ----- Constants ----- - use vars qw/ -@@ -4406,6 +4406,7 @@ - sub DecodeEncodedString { - my $stringtodecode=shift; - $stringtodecode =~ tr/\+/ /s; -+ $stringtodecode =~ s/%22//g; - $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; - return $stringtodecode; - } -@@ -4458,9 +4459,12 @@ - #------------------------------------------------------------------------------ - sub CleanXSS { - my $stringtoclean=shift; -+ # To avoid html tags and javascript - $stringtoclean =~ s//>/g; - $stringtoclean =~ s/|//g; -+ # To avoid onload=" -+ $stringtoclean =~ s/onload//g; - return $stringtoclean; - } - diff --git a/awstats.spec b/awstats.spec index 11815ca..0d72ace 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.8 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -8,7 +8,7 @@ URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz # http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.910&r2=1.912&view=patch -Patch0: awstats-6.8-CVE-2008-3714.patch +Patch0: awstats-6.8-CVE-2008-3714-debian.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -41,9 +41,7 @@ http://localhost/awstats/awstats.pl %prep %setup -q -pushd wwwroot/cgi-bin/ %patch0 -p0 -b .CVE-2008-3714 -popd # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -163,6 +161,9 @@ fi %changelog +* Sat Dec 06 2008 Aurelien Bompard 6.8-3 +- Use Debian's patch for CVE-2008-3714 (rh#474396) + * Sat Aug 23 2008 Aurelien Bompard 6.8-2 - Add upstream patch for CVE-2008-3714 From ac46768c4ef8a795325ac173978f832bbbeee3f1 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Wed, 31 Dec 2008 08:15:36 +0000 Subject: [PATCH 028/129] - version 6.9 - use Debian's version of the CVE-2008-3714 fix --- .cvsignore | 2 +- awstats-6.8-CVE-2008-3714-debian.patch | 11 ----------- awstats-6.9-CVE-2008-3714-debian.patch | 13 +++++++++++++ awstats.spec | 11 +++++++---- sources | 2 +- 5 files changed, 22 insertions(+), 17 deletions(-) delete mode 100644 awstats-6.8-CVE-2008-3714-debian.patch create mode 100644 awstats-6.9-CVE-2008-3714-debian.patch diff --git a/.cvsignore b/.cvsignore index fe295bb..37811e5 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.8.tar.gz +awstats-6.9.tar.gz diff --git a/awstats-6.8-CVE-2008-3714-debian.patch b/awstats-6.8-CVE-2008-3714-debian.patch deleted file mode 100644 index 9111eb3..0000000 --- a/awstats-6.8-CVE-2008-3714-debian.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl ---- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 2008-12-06 10:19:42.000000000 +0100 -+++ ./wwwroot/cgi-bin/awstats.pl 2008-12-06 10:21:01.000000000 +0100 -@@ -4407,6 +4407,7 @@ sub DecodeEncodedString { - my $stringtodecode=shift; - $stringtodecode =~ tr/\+/ /s; - $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; -+ $stringtodecode =~ s/["']//g; - return $stringtodecode; - } - diff --git a/awstats-6.9-CVE-2008-3714-debian.patch b/awstats-6.9-CVE-2008-3714-debian.patch new file mode 100644 index 0000000..ad59113 --- /dev/null +++ b/awstats-6.9-CVE-2008-3714-debian.patch @@ -0,0 +1,13 @@ +diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl +--- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 2008-12-31 09:09:43.000000000 +0100 ++++ ./wwwroot/cgi-bin/awstats.pl 2008-12-31 09:10:11.000000000 +0100 +@@ -7521,8 +7521,8 @@ sub EncodeString { + sub DecodeEncodedString { + my $stringtodecode = shift; + $stringtodecode =~ tr/\+/ /s; +- $stringtodecode =~ s/%22//g; + $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; ++ $stringtodecode =~ s/["']//g; + return $stringtodecode; + } + diff --git a/awstats.spec b/awstats.spec index 0d72ace..8dc5d63 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,14 +1,13 @@ Name: awstats -Version: 6.8 -Release: 3%{?dist} +Version: 6.9 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz #Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz -# http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.910&r2=1.912&view=patch -Patch0: awstats-6.8-CVE-2008-3714-debian.patch +Patch0: awstats-6.9-CVE-2008-3714-debian.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -161,6 +160,10 @@ fi %changelog +* Wed Dec 31 2008 Aurelien Bompard 6.9-1 +- version 6.9 +- use Debian's version of the CVE-2008-3714 fix + * Sat Dec 06 2008 Aurelien Bompard 6.8-3 - Use Debian's patch for CVE-2008-3714 (rh#474396) diff --git a/sources b/sources index bb02ebc..2a32536 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1a35d5a2ca29b31dabd650f3e5f173e9 awstats-6.8.tar.gz +fc19dbb8449eccf3300efb30ca3376cb awstats-6.9.tar.gz From b35de3f42923f0db7ad99aa21c4adba19d4e31dc Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Tue, 24 Feb 2009 03:46:07 +0000 Subject: [PATCH 029/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 8dc5d63..99e04ef 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.9 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -160,6 +160,9 @@ fi %changelog +* Mon Feb 23 2009 Fedora Release Engineering - 6.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + * Wed Dec 31 2008 Aurelien Bompard 6.9-1 - version 6.9 - use Debian's version of the CVE-2008-3714 fix From a4c0c1f79d697b8051d95a4305f6fd7a61c5bd5f Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Fri, 24 Jul 2009 17:43:43 +0000 Subject: [PATCH 030/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 99e04ef..d962f0b 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.9 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -160,6 +160,9 @@ fi %changelog +* Fri Jul 24 2009 Fedora Release Engineering - 6.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + * Mon Feb 23 2009 Fedora Release Engineering - 6.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild From 8c278e41f944d57d3c5da9d8d15ea9d336e178c9 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Fri, 21 Aug 2009 19:51:27 +0000 Subject: [PATCH 031/129] - don't backup the cgi when patching (#518168) --- awstats.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index d962f0b..06f977e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 6.9 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -40,7 +40,7 @@ http://localhost/awstats/awstats.pl %prep %setup -q -%patch0 -p0 -b .CVE-2008-3714 +%patch0 -p0 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -160,6 +160,9 @@ fi %changelog +* Fri Aug 21 2009 Aurelien Bompard - 6.9-4 +- don't backup the cgi when patching (#518168) + * Fri Jul 24 2009 Fedora Release Engineering - 6.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild From bfb4bddb03dda265f65c17808ea09b14b20beb7b Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 25 Nov 2009 22:43:06 +0000 Subject: [PATCH 032/129] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 63c5a86..eba022d 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,7 @@ NAME := awstats SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From 43d7fc86e1c8167bcb27b8520e2144817f142bda Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Thu, 26 Nov 2009 05:27:36 +0000 Subject: [PATCH 033/129] - version 6.95 (security fix) - drop patch0 --- .cvsignore | 2 +- awstats-6.9-CVE-2008-3714-debian.patch | 13 ------------- awstats.spec | 11 ++++++----- sources | 2 +- 4 files changed, 8 insertions(+), 20 deletions(-) delete mode 100644 awstats-6.9-CVE-2008-3714-debian.patch diff --git a/.cvsignore b/.cvsignore index 37811e5..a48706a 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.9.tar.gz +awstats-6.95.tar.gz diff --git a/awstats-6.9-CVE-2008-3714-debian.patch b/awstats-6.9-CVE-2008-3714-debian.patch deleted file mode 100644 index ad59113..0000000 --- a/awstats-6.9-CVE-2008-3714-debian.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 ./wwwroot/cgi-bin/awstats.pl ---- ./wwwroot/cgi-bin/awstats.pl.CVE-2008-3714 2008-12-31 09:09:43.000000000 +0100 -+++ ./wwwroot/cgi-bin/awstats.pl 2008-12-31 09:10:11.000000000 +0100 -@@ -7521,8 +7521,8 @@ sub EncodeString { - sub DecodeEncodedString { - my $stringtodecode = shift; - $stringtodecode =~ tr/\+/ /s; -- $stringtodecode =~ s/%22//g; - $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C", hex($1))/ieg; -+ $stringtodecode =~ s/["']//g; - return $stringtodecode; - } - diff --git a/awstats.spec b/awstats.spec index 06f977e..6d65358 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,13 +1,11 @@ Name: awstats -Version: 6.9 -Release: 4%{?dist} +Version: 6.95 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz -#Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz -Patch0: awstats-6.9-CVE-2008-3714-debian.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -40,7 +38,6 @@ http://localhost/awstats/awstats.pl %prep %setup -q -%patch0 -p0 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -160,6 +157,10 @@ fi %changelog +* Thu Nov 26 2009 Aurelien Bompard - 6.95-1 +- version 6.95 (security fix) +- drop patch0 + * Fri Aug 21 2009 Aurelien Bompard - 6.9-4 - don't backup the cgi when patching (#518168) diff --git a/sources b/sources index 2a32536..c02a89c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -fc19dbb8449eccf3300efb30ca3376cb awstats-6.9.tar.gz +26a5b19fa9f395e9e7dafed37b795d7f awstats-6.95.tar.gz From f7c745c47f7f9f9c9cde652bdd4e7b8c6c982ab1 Mon Sep 17 00:00:00 2001 From: Aurelien Bompard Date: Tue, 13 Jul 2010 06:05:44 +0000 Subject: [PATCH 034/129] - version 7.0 --- .cvsignore | 2 +- awstats.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.cvsignore b/.cvsignore index a48706a..f4ddd54 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -awstats-6.95.tar.gz +awstats-7.0.tar.gz diff --git a/awstats.spec b/awstats.spec index 6d65358..28c8587 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,5 +1,5 @@ Name: awstats -Version: 6.95 +Version: 7.0 Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 @@ -157,6 +157,9 @@ fi %changelog +* Tue Jul 13 2010 Aurelien Bompard - 7.0-1 +- version 7.0 + * Thu Nov 26 2009 Aurelien Bompard - 6.95-1 - version 6.95 (security fix) - drop patch0 diff --git a/sources b/sources index c02a89c..9d9689a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -26a5b19fa9f395e9e7dafed37b795d7f awstats-6.95.tar.gz +ebd28930da02d55db78a0cadb27b351d awstats-7.0.tar.gz From d31533d6f839afc434a4818856b3ae8e21f1aa6e Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 10:42:40 +0000 Subject: [PATCH 035/129] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- 2 files changed, 21 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index eba022d..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: awstats -# $Id$ -NAME := awstats -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) From fb2ced1faacb4b5e0168f652e3a99e58594a5f7b Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Mon, 7 Feb 2011 21:57:42 -0600 Subject: [PATCH 036/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 28c8587..80309f2 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -157,6 +157,9 @@ fi %changelog +* Mon Feb 07 2011 Fedora Release Engineering - 7.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + * Tue Jul 13 2010 Aurelien Bompard - 7.0-1 - version 7.0 From fab6bbc3ffb03ce809042435f634350981147bf4 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 15 Feb 2011 15:49:26 +0100 Subject: [PATCH 037/129] http://downloads.sourceforge.net/project/awstats/AWStats/7.0/awstats-7.0.tar.gz --- awstats.spec | 7 +++++-- sources | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/awstats.spec b/awstats.spec index 80309f2..8e30227 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,11 +1,11 @@ Name: awstats Version: 7.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net -Source0: http://dl.sf.net/awstats/awstats-%{version}.tar.gz +Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -157,6 +157,9 @@ fi %changelog +* Tue Feb 15 2011 Petr Lautrbach 7.0-3 +- update to upstream 7.0 version + * Mon Feb 07 2011 Fedora Release Engineering - 7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild diff --git a/sources b/sources index 9d9689a..6d183bc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ebd28930da02d55db78a0cadb27b351d awstats-7.0.tar.gz +3e8e09b9ebe74513bb34290dbcd37b45 awstats-7.0.tar.gz From 939c350f0f525eb6fa2cda9b7b89234199a5a119 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 10 Aug 2011 13:50:41 +0200 Subject: [PATCH 038/129] don't use Switch module, awstats-7.0-4.fc17 --- awstats.spec | 9 +++- use-if-instead-of-switch-statement.patch | 58 ++++++++++++++++++++++++ 2 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 use-if-instead-of-switch-statement.patch diff --git a/awstats.spec b/awstats.spec index 8e30227..be3f89f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,16 +1,17 @@ Name: awstats Version: 7.0 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz +Patch0: use-if-instead-of-switch-statement.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: recode -Requires: perl +Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires(post): perl Requires(postun): /sbin/service @@ -38,6 +39,7 @@ http://localhost/awstats/awstats.pl %prep %setup -q +%patch0 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -157,6 +159,9 @@ fi %changelog +* Wed Aug 10 2011 Petr Lautrbach 7.0-4 +- don't use Switch module + * Tue Feb 15 2011 Petr Lautrbach 7.0-3 - update to upstream 7.0 version diff --git a/use-if-instead-of-switch-statement.patch b/use-if-instead-of-switch-statement.patch new file mode 100644 index 0000000..20b9c17 --- /dev/null +++ b/use-if-instead-of-switch-statement.patch @@ -0,0 +1,58 @@ +diff --git a/tools/geoip_generator.pl b/tools/geoip_generator.pl +index 4b9c02d..2ca3e3f 100644 +--- a/tools/geoip_generator.pl ++++ b/tools/geoip_generator.pl +@@ -8,7 +8,6 @@ + # $Revision: 1.1 $ - $Author: eldy $ - $Date: 2010/04/17 17:57:58 $ + + use strict; no strict "refs"; +-use Switch; + + #------------------------------------------------------------------------------ + # Defines +@@ -447,24 +446,28 @@ while ($start <= $end){ + # clean start and end quotes + if ($f =~ m/^"/) {$f = substr($f, 1);} + +- # build the fields by switching on the dbtype +- switch (lc($DBType)){ +- case "geoip" {$f .= $Values[1]; } +- case "geoipfree" {$f .= $Values[1]; } +- case "geoipcity" { +- $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; +- $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; +- $f .= $Values[7]."\",\"".$Values[8]."\""; +- } +- case "geoipcitylite" { +- $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; +- $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; +- $f .= $Values[7]."\",\"".$Values[8]."\""; +- } +- case "geoipregion" {$f .= "\"".$Values[2]."\""; } +- case "geoiporg" {$f .= "\"".$Values[9]."\""; } +- case "geoipasn" {$f .= "\"".$Values[10]." ".$Values[9]."\""} ++ # build the fields based on the dbtype ++ my $lc_DBType = lc($DBType); ++ if ($lc_DBType eq "geoip") {$f .= $Values[1]; } ++ if ($lc_DBType eq "geoipfree") {$f .= $Values[1]; } ++ if ($lc_DBType eq "geoipcity") { ++ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; ++ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; ++ $f .= $Values[7]."\",\"".$Values[8]."\""; + } ++ if ($lc_DBType eq "geoipcitylite") { ++ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; ++ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; ++ $f .= $Values[7]."\",\"".$Values[8]."\""; ++ } ++ if ($lc_DBType eq "geoipcitylite") { ++ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; ++ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; ++ $f .= $Values[7]."\",\"".$Values[8]."\""; ++ } ++ if ($lc_DBType eq "geoipregion") {$f .= "\"".$Values[2]."\""; } ++ if ($lc_DBType eq "geoiporg") {$f .= "\"".$Values[9]."\""; } ++ if ($lc_DBType eq "geoipasn") {$f .= "\"".$Values[10]." ".$Values[9]."\""} + + $temp{num_to_addr($start)} = $f; + debug("Generating: ".num_to_addr($start)."$f",2); From 48d1dcb0359330d5270ae0d4588372b637189457 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 6 Oct 2011 16:44:13 +0200 Subject: [PATCH 039/129] fix multiple XSS and sql injection flaws (#740926) --- awstats-awredir.pl-sanitize-parameters.patch | 67 ++++++++++++++++++++ awstats.spec | 3 +- 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 awstats-awredir.pl-sanitize-parameters.patch diff --git a/awstats-awredir.pl-sanitize-parameters.patch b/awstats-awredir.pl-sanitize-parameters.patch new file mode 100644 index 0000000..49c8f71 --- /dev/null +++ b/awstats-awredir.pl-sanitize-parameters.patch @@ -0,0 +1,67 @@ +diff --git a/wwwroot/cgi-bin/awredir.pl b/wwwroot/cgi-bin/awredir.pl +index 35ee82d..3feeb83 100755 +--- a/wwwroot/cgi-bin/awredir.pl ++++ b/wwwroot/cgi-bin/awredir.pl +@@ -8,6 +8,8 @@ + + #use DBD::mysql; + use Digest::MD5 qw(md5 md5_hex md5_base64); ++use HTML::Entities; ++use URI::Escape; + + + #------------------------------------------------------- +@@ -116,26 +118,27 @@ if ($ENV{QUERY_STRING} =~ /tag=\"?([^\"&]+)\"?/) { $Tag=$1; } + + $Key='NOKEY'; + if ($ENV{QUERY_STRING} =~ /key=\"?([^\"&]+)\"?/) { $Key=$1; } ++$KeyEncoded=HTML::Entities::encode($Key); + + # Extract url to redirect to + $Url=$ENV{QUERY_STRING}; + if ($Url =~ /url=\"([^\"]+)\"/) { $Url=$1; } + elsif ($Url =~ /url=(.+)$/) { $Url=$1; } + $Url = DecodeEncodedString($Url); +-$UrlParam=$Url; ++$UrlEncoded=HTML::Entities::encode($Url); + +-if (! $UrlParam) { ++if (! $Url) { + error("Error: Bad use of $PROG. To redirect an URL with $PROG, use the following syntax:
/cgi-bin/$PROG.pl?url=http://urltogo"); + } + ++if ($KEYFORMD5 && ($Key ne md5_hex($KEYFORMD5.$Url))) { ++# error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlEncoded." - ".$KEYFORMD5." - ".md5_hex($KEYFORMD5.$UrlEncoded) ); ++ error("Error: Bad value for parameter key=".$KeyEncoded." to allow a redirect to ".$UrlEncoded.". Key must be hexadecimal md5(KEYFORMD5.".$UrlEncoded.") where KEYFORMD5 is value hardcoded into awredir.pl. Note: You can remove use of key by setting KEYFORMD5 to empty string in script awredir.pl"); ++} ++ + if ($Url !~ /^http/i) { $Url = "http://".$Url; } + if ($DEBUG) { print LOGFILE "Url=$Url\n"; } + +-if ($KEYFORMD5 && ($Key ne md5_hex($KEYFORMD5.$UrlParam))) { +-# error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlParam." - ".$KEYFORMD5." - ".md5_hex($KEYFORMD5.$UrlParam) ); +- error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlParam.". Key must be hexadecimal md5(KEYFORMD5.".$UrlParam.") where KEYFORMD5 is value hardcoded into awredir.pl. Note: You can remove use of key by setting KEYFORMD5 to empty string in script awredir.pl"); +-} +- + + # Get date + ($nowsec,$nowmin,$nowhour,$nowday,$nowmonth,$nowyear,$nowwday,$nowyday,$nowisdst) = localtime(time); +@@ -151,8 +154,8 @@ if ($TRACEBASE == 1) { + if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) { + if ($DEBUG == 1) { print LOGFILE "Execution requete Update sur BASE=$BASE, USER=$USER, PASS=$PASS\n"; } + my $dbh = DBI->connect("DBI:mysql:$BASE", $USER, $PASS) || die "Can't connect to DBI:mysql:$BASE: $dbh->errstr\n"; +- my $sth = $dbh->prepare("UPDATE T_LINKS set HITS_LINKS = HIT_LINKS+1 where URL_LINKS = '$Url'"); +- $sth->execute || error("Error: Unable execute query:$dbh->err, $dbh->errstr"); ++ my $sth = $dbh->prepare("UPDATE T_LINKS set HITS_LINKS = HIT_LINKS+1 where URL_LINKS = ?"); ++ $sth->execute($Url) || error("Error: Unable execute query:$dbh->err, $dbh->errstr"); + $sth->finish; + $dbh->disconnect; + if ($DEBUG == 1) { print LOGFILE "Execution requete Update - OK\n"; } +@@ -167,6 +170,7 @@ if ($TRACEFILE == 1) { + } + } + ++$Url=uri_escape($Url); + # Redir html instructions + print "Location: $Url\n\n"; + diff --git a/awstats.spec b/awstats.spec index be3f89f..0caab54 100644 --- a/awstats.spec +++ b/awstats.spec @@ -7,6 +7,7 @@ Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Patch0: use-if-instead-of-switch-statement.patch +Patch1: awstats-awredir.pl-sanitize-parameters.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -39,7 +40,7 @@ http://localhost/awstats/awstats.pl %prep %setup -q -%patch0 -p 1 +%patch1 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. From b7bb8a0b63ab7660387008f7ea938fb0abd1103c Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 6 Oct 2011 16:44:31 +0200 Subject: [PATCH 040/129] awstats-7.0-5.fc17 --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 0caab54..2cabdf9 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -160,6 +160,9 @@ fi %changelog +* Mon Oct 03 2011 Petr Lautrbach 7.0-5 +- fix multiple XSS and sql injection flaws (#740926) + * Wed Aug 10 2011 Petr Lautrbach 7.0-4 - don't use Switch module From c756488bcf66dc38548e55c6351c7ba36cdc68df Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 7 Oct 2011 13:32:45 +0200 Subject: [PATCH 041/129] fix CRLF Injection flaw (#740926) --- awstats-awredir.pl-sanitize-parameters.patch | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/awstats-awredir.pl-sanitize-parameters.patch b/awstats-awredir.pl-sanitize-parameters.patch index 49c8f71..1615e9b 100644 --- a/awstats-awredir.pl-sanitize-parameters.patch +++ b/awstats-awredir.pl-sanitize-parameters.patch @@ -1,5 +1,5 @@ diff --git a/wwwroot/cgi-bin/awredir.pl b/wwwroot/cgi-bin/awredir.pl -index 35ee82d..3feeb83 100755 +index 35ee82d..f1e4cd2 100755 --- a/wwwroot/cgi-bin/awredir.pl +++ b/wwwroot/cgi-bin/awredir.pl @@ -8,6 +8,8 @@ @@ -46,7 +46,7 @@ index 35ee82d..3feeb83 100755 # Get date ($nowsec,$nowmin,$nowhour,$nowday,$nowmonth,$nowyear,$nowwday,$nowyday,$nowisdst) = localtime(time); -@@ -151,8 +154,8 @@ if ($TRACEBASE == 1) { +@@ -151,14 +154,17 @@ if ($TRACEBASE == 1) { if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) { if ($DEBUG == 1) { print LOGFILE "Execution requete Update sur BASE=$BASE, USER=$USER, PASS=$PASS\n"; } my $dbh = DBI->connect("DBI:mysql:$BASE", $USER, $PASS) || die "Can't connect to DBI:mysql:$BASE: $dbh->errstr\n"; @@ -57,11 +57,12 @@ index 35ee82d..3feeb83 100755 $sth->finish; $dbh->disconnect; if ($DEBUG == 1) { print LOGFILE "Execution requete Update - OK\n"; } -@@ -167,6 +170,7 @@ if ($TRACEFILE == 1) { } } -+$Url=uri_escape($Url); - # Redir html instructions - print "Location: $Url\n\n"; - ++$Url=uri_escape($Url, "^A-Za-z0-9\-\._~/:"); ++$Tag=uri_escape($Tag); ++ + if ($TRACEFILE == 1) { + if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) { + open(FICHIER,">>$TXTDIR/$TXTFILE") || error("Error: Enable to open trace file $TXTDIR/$TXTFILE: $!"); From a755a63c611a82c1d2cb955814037f55ff8d5ff0 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 7 Oct 2011 13:33:05 +0200 Subject: [PATCH 042/129] awstats-7.0-6.fc17 --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 2cabdf9..f6a6818 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -160,6 +160,9 @@ fi %changelog +* Fri Oct 07 2011 Petr Lautrbach 7.0-6 +- fix CRLF Injection flaw (#740926) + * Mon Oct 03 2011 Petr Lautrbach 7.0-5 - fix multiple XSS and sql injection flaws (#740926) From f7b0f3252271f8c96a38a51b9009ebf8d1fab937 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 2 Jan 2012 13:04:03 +0100 Subject: [PATCH 043/129] fix for perl-5.14 (#768443,#768982,#771031) --- awstats-perl-5.14.patch | 24 ++++++++++++++++++++++++ awstats.spec | 2 ++ 2 files changed, 26 insertions(+) create mode 100644 awstats-perl-5.14.patch diff --git a/awstats-perl-5.14.patch b/awstats-perl-5.14.patch new file mode 100644 index 0000000..b8cc7bf --- /dev/null +++ b/awstats-perl-5.14.patch @@ -0,0 +1,24 @@ +diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl +index bae9db6..b13a525 100755 +--- a/wwwroot/cgi-bin/awstats.pl ++++ b/wwwroot/cgi-bin/awstats.pl +@@ -1353,9 +1353,7 @@ sub debug { + #------------------------------------------------------------------------------ + sub OptimizeArray { + my $array = shift; +- my @arrayunreg = map { +- if (/\(\?[-\w]*:(.*)\)/) { $1 } +- } @$array; ++ my @arrayunreg = map { qr/$_/ } @$array; + my $notcasesensitive = shift; + my $searchlist = 0; + if ($Debug) { +@@ -7809,7 +7807,7 @@ sub DecodeEncodedString { + # Return: standardregex + #------------------------------------------------------------------------------ + sub UnCompileRegex { +- shift =~ /\(\?[-\w]*:(.*)\)/; ++ shift =~ /\(\?[-\^\w]*:(.*)\)/; + return $1; + } + diff --git a/awstats.spec b/awstats.spec index f6a6818..cc222ae 100644 --- a/awstats.spec +++ b/awstats.spec @@ -8,6 +8,7 @@ URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Patch0: use-if-instead-of-switch-statement.patch Patch1: awstats-awredir.pl-sanitize-parameters.patch +Patch2: awstats-perl-5.14.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -41,6 +42,7 @@ http://localhost/awstats/awstats.pl %prep %setup -q %patch1 -p 1 +%patch2 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. From 7b5d29a532f164ce18f165e131746bb10f0d066c Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 2 Jan 2012 13:04:27 +0100 Subject: [PATCH 044/129] awstats-7.0-7 --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index cc222ae..f7b4d79 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Mon Jan 02 2012 Petr Lautrbach 7.0-7 +- fix for perl-5.14 (#768443,#768982,#771031) + * Fri Oct 07 2011 Petr Lautrbach 7.0-6 - fix CRLF Injection flaw (#740926) From 4eb3130c3483664e69f9a283e277271739ffc4ec Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 12 Jan 2012 16:12:59 -0600 Subject: [PATCH 045/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index f7b4d79..53dfa77 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Thu Jan 12 2012 Fedora Release Engineering - 7.0-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + * Mon Jan 02 2012 Petr Lautrbach 7.0-7 - fix for perl-5.14 (#768443,#768982,#771031) From 0daf55e9ad6e471d324182621b9fe1eea5edddc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Fri, 8 Jun 2012 12:41:35 +0200 Subject: [PATCH 046/129] Perl 5.16 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 53dfa77..350ff45 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Fri Jun 08 2012 Petr Pisar - 7.0-9 +- Perl 5.16 rebuild + * Thu Jan 12 2012 Fedora Release Engineering - 7.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild From 7a79e7f7a3e9339cba5f7079e99b2b13ea185ca0 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 18 Jul 2012 12:21:45 -0500 Subject: [PATCH 047/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 350ff45..46e5905 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Wed Jul 18 2012 Fedora Release Engineering - 7.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + * Fri Jun 08 2012 Petr Pisar - 7.0-9 - Perl 5.16 rebuild From 50a915164d55ad44fadfe6fa6823661668ca37e1 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 16 Nov 2012 16:00:38 +0100 Subject: [PATCH 048/129] fix potential XSS attacks - CVE-2012-4547 (#871159) --- awstats-7.0-cleanxss.patch | 43 ++++++++++++++++++++++++++++++++++++++ awstats.spec | 3 +++ 2 files changed, 46 insertions(+) create mode 100644 awstats-7.0-cleanxss.patch diff --git a/awstats-7.0-cleanxss.patch b/awstats-7.0-cleanxss.patch new file mode 100644 index 0000000..98f10a7 --- /dev/null +++ b/awstats-7.0-cleanxss.patch @@ -0,0 +1,43 @@ +diff -up awstats-7.0/wwwroot/cgi-bin/awredir.pl.cleanxss awstats-7.0/wwwroot/cgi-bin/awredir.pl +--- awstats-7.0/wwwroot/cgi-bin/awredir.pl.cleanxss 2012-11-16 15:38:42.077347478 +0100 ++++ awstats-7.0/wwwroot/cgi-bin/awredir.pl 2012-11-16 15:53:28.893552096 +0100 +@@ -75,6 +75,27 @@ sub DecodeEncodedString { + return $stringtodecode; + } + ++#------------------------------------------------------------------------------ ++# Function: Clean a string of HTML tags to avoid 'Cross Site Scripting attacks' ++# and clean | char. ++# Parameters: stringtoclean ++# Input: None ++# Output: None ++# Return: cleanedstring ++#------------------------------------------------------------------------------ ++sub CleanXSS { ++ my $stringtoclean = shift; ++ ++ # To avoid html tags and javascript ++ $stringtoclean =~ s//>/g; ++ $stringtoclean =~ s/|//g; ++ ++ # To avoid onload=" ++ $stringtoclean =~ s/onload//g; ++ return $stringtoclean; ++} ++ + + #------------------------------------------------------- + # MAIN +@@ -127,6 +148,11 @@ elsif ($Url =~ /url=(.+)$/) { $Url=$1; } + $Url = DecodeEncodedString($Url); + $UrlEncoded=HTML::Entities::encode($Url); + ++# Sanitize parameters ++$Tag=CleanXSS($Tag); ++$Key=CleanXSS($Key); ++$UrlEncoded=CleanXSS($UrlEncoded); ++ + if (! $Url) { + error("Error: Bad use of $PROG. To redirect an URL with $PROG, use the following syntax:
/cgi-bin/$PROG.pl?url=http://urltogo"); + } diff --git a/awstats.spec b/awstats.spec index 46e5905..0682a82 100644 --- a/awstats.spec +++ b/awstats.spec @@ -9,6 +9,8 @@ Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/ Patch0: use-if-instead-of-switch-statement.patch Patch1: awstats-awredir.pl-sanitize-parameters.patch Patch2: awstats-perl-5.14.patch +# CVE-2012-4547, #871159 +Patch3: awstats-7.0-cleanxss.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -43,6 +45,7 @@ http://localhost/awstats/awstats.pl %setup -q %patch1 -p 1 %patch2 -p 1 +%patch3 -p 1 -b .cleanxss # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. From 7b08e7f1dcf64db5d7d4408ede41417d0eb5a747 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 16 Nov 2012 17:02:39 +0100 Subject: [PATCH 049/129] fix configuration for httpd 2.4 (#871366) --- awstats-7.0-httpd-2.4.patch | 45 +++++++++++++++++++++++++++++++++++++ awstats.spec | 19 ++++++++++------ 2 files changed, 57 insertions(+), 7 deletions(-) create mode 100644 awstats-7.0-httpd-2.4.patch diff --git a/awstats-7.0-httpd-2.4.patch b/awstats-7.0-httpd-2.4.patch new file mode 100644 index 0000000..2fe23b6 --- /dev/null +++ b/awstats-7.0-httpd-2.4.patch @@ -0,0 +1,45 @@ +diff -up awstats-7.0/tools/httpd_conf.http-2.4 awstats-7.0/tools/httpd_conf +--- awstats-7.0/tools/httpd_conf.http-2.4 2012-11-16 16:11:07.612386681 +0100 ++++ awstats-7.0/tools/httpd_conf 2012-11-16 16:44:24.921755562 +0100 +@@ -10,20 +10,33 @@ + + # + # Directives to add to your Apache conf file to allow use of AWStats as a CGI. +-# Note that path "/usr/local/awstats/" must reflect your AWStats install path. ++# Note that path "/usr/share/awstats/" must reflect your AWStats install path. + # +-Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/" +-Alias /awstatscss "/usr/local/awstats/wwwroot/css/" +-Alias /awstatsicons "/usr/local/awstats/wwwroot/icon/" +-ScriptAlias /awstats/ "/usr/local/awstats/wwwroot/cgi-bin/" ++Alias /awstatsclasses "/usr/share/awstats/wwwroot/classes/" ++Alias /awstatscss "/usr/share/awstats/wwwroot/css/" ++Alias /awstatsicons "/usr/share/awstats/wwwroot/icon/" ++ScriptAlias /awstats/ "/usr/share/awstats/wwwroot/cgi-bin/" + + + # + # This is to permit URL access to scripts/files in AWStats directory. + # +- ++ + Options None + AllowOverride None +- Order allow,deny +- Allow from all ++ ++ # Apache 2.4 ++ Require local ++ ++ ++ # Apache 2.2 ++ Order allow,deny ++ Allow from 127.0.0.1 ++ Allow from ::1 ++ + ++# Additional Perl modules ++ ++ SetEnv PERL5LIB /usr/share/awstats/lib:/usr/share/awstats/plugins ++ ++ diff --git a/awstats.spec b/awstats.spec index 0682a82..00c4fce 100644 --- a/awstats.spec +++ b/awstats.spec @@ -11,6 +11,8 @@ Patch1: awstats-awredir.pl-sanitize-parameters.patch Patch2: awstats-perl-5.14.patch # CVE-2012-4547, #871159 Patch3: awstats-7.0-cleanxss.patch +# fix configuration for httpd 2.4 (#871366) +Patch4: awstats-7.0-httpd-2.4.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -46,6 +48,8 @@ http://localhost/awstats/awstats.pl %patch1 -p 1 %patch2 -p 1 %patch3 -p 1 -b .cleanxss +%patch4 -p 1 -b .httpd-2.4 + # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* # Fix some bad file permissions here for convenience. @@ -106,16 +110,17 @@ install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhos # Fix scripts perl -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl,httpd_conf} + $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl} # Apache configuration install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf -perl -pi -e 's|/usr/local|%{_datadir}|g;s|Allow from all|Allow from 127.0.0.1|g' \ - $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf -echo "# Additional Perl modules - - SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins -" >> $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf +# move to awstats-7.0-httpd-2.4.patch +#perl -pi -e 's|/usr/local|%{_datadir}|g;s|Allow from all|Allow from 127.0.0.1|g' \ +# $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf +#echo "# Additional Perl modules +# +# SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins +#" >> $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf # Cron job install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} From 34ba9ca2708d37a70dc02738c6a242ae9ccb38c0 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 16 Nov 2012 17:54:01 +0100 Subject: [PATCH 050/129] don't use suffixes in %patch --- awstats.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 00c4fce..14d6122 100644 --- a/awstats.spec +++ b/awstats.spec @@ -47,8 +47,8 @@ http://localhost/awstats/awstats.pl %setup -q %patch1 -p 1 %patch2 -p 1 -%patch3 -p 1 -b .cleanxss -%patch4 -p 1 -b .httpd-2.4 +%patch3 -p 1 +%patch4 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* From 6170c585041a8f1c73cf1d7eccf14643850c8f5e Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 16 Nov 2012 17:59:27 +0100 Subject: [PATCH 051/129] awstats-7.0-11 --- awstats.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 14d6122..e6c9dcd 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.0 -Release: 10%{?dist} +Release: 11%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -170,6 +170,10 @@ fi %changelog +* Fri Nov 16 2012 Petr Lautrbach 7.0-11 +- fix configuration for httpd 2.4 (#871366) +- fix potential XSS attacks - CVE-2012-4547 (#871159) + * Wed Jul 18 2012 Fedora Release Engineering - 7.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild From 777c71909e5b98b25174df7e3f1858024c4dd80c Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 4 Jan 2013 10:57:30 +0100 Subject: [PATCH 052/129] awstats-7.1-1 --- .gitignore | 1 + awstats-awredir.pl-sanitize-parameters.patch | 46 +++----------------- awstats.spec | 17 +++++--- sources | 2 +- 4 files changed, 18 insertions(+), 48 deletions(-) diff --git a/.gitignore b/.gitignore index f4ddd54..2d80a38 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ awstats-7.0.tar.gz +/awstats-7.1.tar.gz diff --git a/awstats-awredir.pl-sanitize-parameters.patch b/awstats-awredir.pl-sanitize-parameters.patch index 1615e9b..bc92ebb 100644 --- a/awstats-awredir.pl-sanitize-parameters.patch +++ b/awstats-awredir.pl-sanitize-parameters.patch @@ -1,8 +1,7 @@ -diff --git a/wwwroot/cgi-bin/awredir.pl b/wwwroot/cgi-bin/awredir.pl -index 35ee82d..f1e4cd2 100755 ---- a/wwwroot/cgi-bin/awredir.pl -+++ b/wwwroot/cgi-bin/awredir.pl -@@ -8,6 +8,8 @@ +diff -up awstats-7.1/wwwroot/cgi-bin/awredir.pl.sanitize awstats-7.1/wwwroot/cgi-bin/awredir.pl +--- awstats-7.1/wwwroot/cgi-bin/awredir.pl.sanitize 2012-02-15 15:19:22.000000000 +0100 ++++ awstats-7.1/wwwroot/cgi-bin/awredir.pl 2013-01-04 10:31:33.303448288 +0100 +@@ -21,6 +21,8 @@ #use DBD::mysql; use Digest::MD5 qw(md5 md5_hex md5_base64); @@ -11,42 +10,7 @@ index 35ee82d..f1e4cd2 100755 #------------------------------------------------------- -@@ -116,26 +118,27 @@ if ($ENV{QUERY_STRING} =~ /tag=\"?([^\"&]+)\"?/) { $Tag=$1; } - - $Key='NOKEY'; - if ($ENV{QUERY_STRING} =~ /key=\"?([^\"&]+)\"?/) { $Key=$1; } -+$KeyEncoded=HTML::Entities::encode($Key); - - # Extract url to redirect to - $Url=$ENV{QUERY_STRING}; - if ($Url =~ /url=\"([^\"]+)\"/) { $Url=$1; } - elsif ($Url =~ /url=(.+)$/) { $Url=$1; } - $Url = DecodeEncodedString($Url); --$UrlParam=$Url; -+$UrlEncoded=HTML::Entities::encode($Url); - --if (! $UrlParam) { -+if (! $Url) { - error("Error: Bad use of $PROG. To redirect an URL with $PROG, use the following syntax:
/cgi-bin/$PROG.pl?url=http://urltogo"); - } - -+if ($KEYFORMD5 && ($Key ne md5_hex($KEYFORMD5.$Url))) { -+# error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlEncoded." - ".$KEYFORMD5." - ".md5_hex($KEYFORMD5.$UrlEncoded) ); -+ error("Error: Bad value for parameter key=".$KeyEncoded." to allow a redirect to ".$UrlEncoded.". Key must be hexadecimal md5(KEYFORMD5.".$UrlEncoded.") where KEYFORMD5 is value hardcoded into awredir.pl. Note: You can remove use of key by setting KEYFORMD5 to empty string in script awredir.pl"); -+} -+ - if ($Url !~ /^http/i) { $Url = "http://".$Url; } - if ($DEBUG) { print LOGFILE "Url=$Url\n"; } - --if ($KEYFORMD5 && ($Key ne md5_hex($KEYFORMD5.$UrlParam))) { --# error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlParam." - ".$KEYFORMD5." - ".md5_hex($KEYFORMD5.$UrlParam) ); -- error("Error: Bad value for parameter key=".$Key." to allow a redirect to ".$UrlParam.". Key must be hexadecimal md5(KEYFORMD5.".$UrlParam.") where KEYFORMD5 is value hardcoded into awredir.pl. Note: You can remove use of key by setting KEYFORMD5 to empty string in script awredir.pl"); --} -- - - # Get date - ($nowsec,$nowmin,$nowhour,$nowday,$nowmonth,$nowyear,$nowwday,$nowyday,$nowisdst) = localtime(time); -@@ -151,14 +154,17 @@ if ($TRACEBASE == 1) { +@@ -193,14 +195,17 @@ if ($TRACEBASE == 1) { if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) { if ($DEBUG == 1) { print LOGFILE "Execution requete Update sur BASE=$BASE, USER=$USER, PASS=$PASS\n"; } my $dbh = DBI->connect("DBI:mysql:$BASE", $USER, $PASS) || die "Can't connect to DBI:mysql:$BASE: $dbh->errstr\n"; diff --git a/awstats.spec b/awstats.spec index e6c9dcd..8715ee6 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.0 -Release: 11%{?dist} +Version: 7.1 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -8,9 +8,11 @@ URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Patch0: use-if-instead-of-switch-statement.patch Patch1: awstats-awredir.pl-sanitize-parameters.patch -Patch2: awstats-perl-5.14.patch +# fixed upstream +# Patch2: awstats-perl-5.14.patch # CVE-2012-4547, #871159 -Patch3: awstats-7.0-cleanxss.patch +# fixed upstream +# Patch3: awstats-7.0-cleanxss.patch # fix configuration for httpd 2.4 (#871366) Patch4: awstats-7.0-httpd-2.4.patch @@ -46,8 +48,8 @@ http://localhost/awstats/awstats.pl %prep %setup -q %patch1 -p 1 -%patch2 -p 1 -%patch3 -p 1 +#%patch2 -p 1 +#%patch3 -p 1 %patch4 -p 1 # Fix style sheets. @@ -170,6 +172,9 @@ fi %changelog +* Fri Jan 04 2013 Petr Lautrbach 7.1-1 +- version 7.1 + * Fri Nov 16 2012 Petr Lautrbach 7.0-11 - fix configuration for httpd 2.4 (#871366) - fix potential XSS attacks - CVE-2012-4547 (#871159) diff --git a/sources b/sources index 6d183bc..59a26c3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3e8e09b9ebe74513bb34290dbcd37b45 awstats-7.0.tar.gz +9ee8cb9c89295a519638ae1cf6a4e1e2 awstats-7.1.tar.gz From fe7e6889ded9d5010be0354f9e22f473a8220cd1 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 13 Feb 2013 11:30:16 -0600 Subject: [PATCH 053/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 8715ee6..354b79a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -172,6 +172,9 @@ fi %changelog +* Wed Feb 13 2013 Fedora Release Engineering - 7.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Fri Jan 04 2013 Petr Lautrbach 7.1-1 - version 7.1 From 675d47125b25e260f919010a1bf24171481e7c0a Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 18 Mar 2013 13:47:22 +0100 Subject: [PATCH 054/129] don't use /sbin/service --- awstats.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 354b79a..fab7d97 100644 --- a/awstats.spec +++ b/awstats.spec @@ -21,7 +21,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires(post): perl -Requires(postun): /sbin/service +Requires(postun): systemd ## SELinux policy is now included upstream Obsoletes: awstats-selinux < 6.8-1 @@ -144,7 +144,7 @@ fi %postun if [ $1 -ne 0 ]; then - /sbin/service httpd condrestart >/dev/null 2>&1 + /bin/systemctl try-restart httpd.service >/dev/null 2>&1 || : fi From 8edcecce946cc5e44b9afbd0109ab3f2fca33845 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 18 Mar 2013 15:03:30 +0100 Subject: [PATCH 055/129] fix a bogus date in the changelog --- awstats.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index fab7d97..d957e6f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -319,7 +319,7 @@ fi * Wed Mar 03 2004 Aurelien Bompard 6.0.0.fdr.2 - requires perl without version to fix build on rh9 -* Tue Feb 19 2004 Aurelien Bompard 6.0-0.fdr.1 +* Thu Feb 19 2004 Aurelien Bompard 6.0-0.fdr.1 - version 6.0 * Mon Dec 22 2003 Aurelien Bompard 5.9-0.fdr.5 From 28237c34def3c50e343042819c086f4c18fa31f5 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 18 Mar 2013 15:23:19 +0100 Subject: [PATCH 056/129] awstats-7.1.1-1 --- .gitignore | 1 + awstats.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 2d80a38..cf08795 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ awstats-7.0.tar.gz /awstats-7.1.tar.gz +/awstats-7.1.1.tar.gz diff --git a/awstats.spec b/awstats.spec index d957e6f..a17fda7 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.1 -Release: 2%{?dist} +Version: 7.1.1 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -172,6 +172,9 @@ fi %changelog +* Mon Mar 18 2013 Petr Lautrbach 7.1.1-1 +- version 7.1.1 + * Wed Feb 13 2013 Fedora Release Engineering - 7.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild diff --git a/sources b/sources index 59a26c3..abc2f0b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -9ee8cb9c89295a519638ae1cf6a4e1e2 awstats-7.1.tar.gz +bbec0233a83cf6ac1eebcf91b555aae7 awstats-7.1.1.tar.gz From 94408c4c2ad8d8ddaac8ff993b01ca01a00af122 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Apr 2013 13:23:59 +0200 Subject: [PATCH 057/129] add a missing requirement on crontab and fix (#947040) fix cron file permissions --- awstats.cron | 3 +++ awstats.spec | 15 ++++----------- 2 files changed, 7 insertions(+), 11 deletions(-) create mode 100644 awstats.cron diff --git a/awstats.cron b/awstats.cron new file mode 100644 index 0000000..c2a44ab --- /dev/null +++ b/awstats.cron @@ -0,0 +1,3 @@ +#!/bin/bash +exec /usr/share/awstats/tools/awstats_updateall.pl now -configdir="/etc/awstats" -awstatsprog="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null +exit 0 diff --git a/awstats.spec b/awstats.spec index a17fda7..a670e23 100644 --- a/awstats.spec +++ b/awstats.spec @@ -6,6 +6,7 @@ License: GPLv2 Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz +Source1: %{name}.cron Patch0: use-if-instead-of-switch-statement.patch Patch1: awstats-awredir.pl-sanitize-parameters.patch # fixed upstream @@ -20,6 +21,7 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +Requires: crontabs Requires(post): perl Requires(postun): systemd @@ -66,15 +68,6 @@ recode ISO-8859-1..UTF-8 docs/awstats_changelog.txt %install rm -rf $RPM_BUILD_ROOT -### Create cron job -cat <awstats.cron -#!/bin/bash -exec %{_datadir}/awstats/tools/awstats_updateall.pl now \ - -configdir="%{_sysconfdir}/awstats" \ - -awstatsprog="%{_datadir}/awstats/wwwroot/cgi-bin/awstats.pl" >/dev/null -exit 0 -EOF - ### Create folders mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{httpd/conf.d,%{name},cron.hourly} mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name} @@ -125,7 +118,7 @@ install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/% #" >> $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf # Cron job -install -m 0755 awstats.cron $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} +install -m 0750 -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} %clean @@ -152,7 +145,7 @@ fi %defattr(-,root,root,755) # Apache configuration file %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf -%config(noreplace) %attr(755,root,root) %{_sysconfdir}/cron.hourly/%{name} +%config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} %config(noreplace) %{_sysconfdir}/%{name}/ %{_localstatedir}/lib/%{name} %dir %{_datadir}/%{name} From 741b525709038e43c2618913911ab992f78bdf5a Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Apr 2013 13:41:43 +0200 Subject: [PATCH 058/129] spec file and patches cleanup --- awstats-7.0-cleanxss.patch | 43 ------------------ awstats-perl-5.14.patch | 24 ---------- awstats.spec | 25 ++-------- use-if-instead-of-switch-statement.patch | 58 ------------------------ 4 files changed, 4 insertions(+), 146 deletions(-) delete mode 100644 awstats-7.0-cleanxss.patch delete mode 100644 awstats-perl-5.14.patch delete mode 100644 use-if-instead-of-switch-statement.patch diff --git a/awstats-7.0-cleanxss.patch b/awstats-7.0-cleanxss.patch deleted file mode 100644 index 98f10a7..0000000 --- a/awstats-7.0-cleanxss.patch +++ /dev/null @@ -1,43 +0,0 @@ -diff -up awstats-7.0/wwwroot/cgi-bin/awredir.pl.cleanxss awstats-7.0/wwwroot/cgi-bin/awredir.pl ---- awstats-7.0/wwwroot/cgi-bin/awredir.pl.cleanxss 2012-11-16 15:38:42.077347478 +0100 -+++ awstats-7.0/wwwroot/cgi-bin/awredir.pl 2012-11-16 15:53:28.893552096 +0100 -@@ -75,6 +75,27 @@ sub DecodeEncodedString { - return $stringtodecode; - } - -+#------------------------------------------------------------------------------ -+# Function: Clean a string of HTML tags to avoid 'Cross Site Scripting attacks' -+# and clean | char. -+# Parameters: stringtoclean -+# Input: None -+# Output: None -+# Return: cleanedstring -+#------------------------------------------------------------------------------ -+sub CleanXSS { -+ my $stringtoclean = shift; -+ -+ # To avoid html tags and javascript -+ $stringtoclean =~ s//>/g; -+ $stringtoclean =~ s/|//g; -+ -+ # To avoid onload=" -+ $stringtoclean =~ s/onload//g; -+ return $stringtoclean; -+} -+ - - #------------------------------------------------------- - # MAIN -@@ -127,6 +148,11 @@ elsif ($Url =~ /url=(.+)$/) { $Url=$1; } - $Url = DecodeEncodedString($Url); - $UrlEncoded=HTML::Entities::encode($Url); - -+# Sanitize parameters -+$Tag=CleanXSS($Tag); -+$Key=CleanXSS($Key); -+$UrlEncoded=CleanXSS($UrlEncoded); -+ - if (! $Url) { - error("Error: Bad use of $PROG. To redirect an URL with $PROG, use the following syntax:
/cgi-bin/$PROG.pl?url=http://urltogo"); - } diff --git a/awstats-perl-5.14.patch b/awstats-perl-5.14.patch deleted file mode 100644 index b8cc7bf..0000000 --- a/awstats-perl-5.14.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl -index bae9db6..b13a525 100755 ---- a/wwwroot/cgi-bin/awstats.pl -+++ b/wwwroot/cgi-bin/awstats.pl -@@ -1353,9 +1353,7 @@ sub debug { - #------------------------------------------------------------------------------ - sub OptimizeArray { - my $array = shift; -- my @arrayunreg = map { -- if (/\(\?[-\w]*:(.*)\)/) { $1 } -- } @$array; -+ my @arrayunreg = map { qr/$_/ } @$array; - my $notcasesensitive = shift; - my $searchlist = 0; - if ($Debug) { -@@ -7809,7 +7807,7 @@ sub DecodeEncodedString { - # Return: standardregex - #------------------------------------------------------------------------------ - sub UnCompileRegex { -- shift =~ /\(\?[-\w]*:(.*)\)/; -+ shift =~ /\(\?[-\^\w]*:(.*)\)/; - return $1; - } - diff --git a/awstats.spec b/awstats.spec index a670e23..a1f2de0 100644 --- a/awstats.spec +++ b/awstats.spec @@ -7,15 +7,9 @@ Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Source1: %{name}.cron -Patch0: use-if-instead-of-switch-statement.patch -Patch1: awstats-awredir.pl-sanitize-parameters.patch -# fixed upstream -# Patch2: awstats-perl-5.14.patch -# CVE-2012-4547, #871159 -# fixed upstream -# Patch3: awstats-7.0-cleanxss.patch +Patch0: awstats-awredir.pl-sanitize-parameters.patch # fix configuration for httpd 2.4 (#871366) -Patch4: awstats-7.0-httpd-2.4.patch +Patch1: awstats-7.0-httpd-2.4.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -49,10 +43,8 @@ http://localhost/awstats/awstats.pl %prep %setup -q +%patch0 -p 1 %patch1 -p 1 -#%patch2 -p 1 -#%patch3 -p 1 -%patch4 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -109,13 +101,6 @@ perl -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ # Apache configuration install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf -# move to awstats-7.0-httpd-2.4.patch -#perl -pi -e 's|/usr/local|%{_datadir}|g;s|Allow from all|Allow from 127.0.0.1|g' \ -# $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf -#echo "# Additional Perl modules -# -# SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins -#" >> $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf # Cron job install -m 0750 -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} @@ -136,9 +121,7 @@ if [ $1 -eq 1 ]; then fi %postun -if [ $1 -ne 0 ]; then - /bin/systemctl try-restart httpd.service >/dev/null 2>&1 || : -fi +%systemd_postun_with_restart httpd.service %files diff --git a/use-if-instead-of-switch-statement.patch b/use-if-instead-of-switch-statement.patch deleted file mode 100644 index 20b9c17..0000000 --- a/use-if-instead-of-switch-statement.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff --git a/tools/geoip_generator.pl b/tools/geoip_generator.pl -index 4b9c02d..2ca3e3f 100644 ---- a/tools/geoip_generator.pl -+++ b/tools/geoip_generator.pl -@@ -8,7 +8,6 @@ - # $Revision: 1.1 $ - $Author: eldy $ - $Date: 2010/04/17 17:57:58 $ - - use strict; no strict "refs"; --use Switch; - - #------------------------------------------------------------------------------ - # Defines -@@ -447,24 +446,28 @@ while ($start <= $end){ - # clean start and end quotes - if ($f =~ m/^"/) {$f = substr($f, 1);} - -- # build the fields by switching on the dbtype -- switch (lc($DBType)){ -- case "geoip" {$f .= $Values[1]; } -- case "geoipfree" {$f .= $Values[1]; } -- case "geoipcity" { -- $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; -- $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; -- $f .= $Values[7]."\",\"".$Values[8]."\""; -- } -- case "geoipcitylite" { -- $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; -- $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; -- $f .= $Values[7]."\",\"".$Values[8]."\""; -- } -- case "geoipregion" {$f .= "\"".$Values[2]."\""; } -- case "geoiporg" {$f .= "\"".$Values[9]."\""; } -- case "geoipasn" {$f .= "\"".$Values[10]." ".$Values[9]."\""} -+ # build the fields based on the dbtype -+ my $lc_DBType = lc($DBType); -+ if ($lc_DBType eq "geoip") {$f .= $Values[1]; } -+ if ($lc_DBType eq "geoipfree") {$f .= $Values[1]; } -+ if ($lc_DBType eq "geoipcity") { -+ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; -+ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; -+ $f .= $Values[7]."\",\"".$Values[8]."\""; - } -+ if ($lc_DBType eq "geoipcitylite") { -+ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; -+ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; -+ $f .= $Values[7]."\",\"".$Values[8]."\""; -+ } -+ if ($lc_DBType eq "geoipcitylite") { -+ $f .= $Values[1].",".$Values[2].",\"".$Values[3]."\",\""; -+ $f .= $Values[4]."\",".$Values[5].",".$Values[6].",\""; -+ $f .= $Values[7]."\",\"".$Values[8]."\""; -+ } -+ if ($lc_DBType eq "geoipregion") {$f .= "\"".$Values[2]."\""; } -+ if ($lc_DBType eq "geoiporg") {$f .= "\"".$Values[9]."\""; } -+ if ($lc_DBType eq "geoipasn") {$f .= "\"".$Values[10]." ".$Values[9]."\""} - - $temp{num_to_addr($start)} = $f; - debug("Generating: ".num_to_addr($start)."$f",2); From 3c0b9144d072297c6aadd045fd78f6a166b44382 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Apr 2013 13:59:32 +0200 Subject: [PATCH 059/129] add missing requirements (#908981) --- awstats.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/awstats.spec b/awstats.spec index a1f2de0..c97638a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -15,6 +15,7 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP Requires: crontabs Requires(post): perl Requires(postun): systemd From ac9cda8f0072df94c1e1d26f4d296fef94a9f452 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Apr 2013 13:59:50 +0200 Subject: [PATCH 060/129] awstats-7.1.1-2 --- awstats.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index c97638a..65a3d73 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -149,6 +149,11 @@ fi %changelog +* Tue Apr 02 2013 Petr Lautrbach 7.1.1-2 +- add a missing requirement on crontab and fix (#947040) +- add missing requirements (#908981) +- spec file and patches cleanup + * Mon Mar 18 2013 Petr Lautrbach 7.1.1-1 - version 7.1.1 From 3e44101ced494fedcd6a62e676676ee772b25a33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Wed, 17 Jul 2013 12:03:27 +0200 Subject: [PATCH 061/129] Perl 5.18 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 65a3d73..1fc5908 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -149,6 +149,9 @@ fi %changelog +* Wed Jul 17 2013 Petr Pisar - 7.1.1-3 +- Perl 5.18 rebuild + * Tue Apr 02 2013 Petr Lautrbach 7.1.1-2 - add a missing requirement on crontab and fix (#947040) - add missing requirements (#908981) From 233cae6fa5c5c157c4dd22b3444f50e234554fe7 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 2 Aug 2013 21:52:27 -0500 Subject: [PATCH 062/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 1fc5908..1f52af8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1.1 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -149,6 +149,9 @@ fi %changelog +* Sat Aug 03 2013 Fedora Release Engineering - 7.1.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Wed Jul 17 2013 Petr Pisar - 7.1.1-3 - Perl 5.18 rebuild From b807ce4771a4b93d690915255bc025fe41e72bd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ralf=20Cors=C3=A9pius?= Date: Thu, 10 Oct 2013 12:08:33 +0200 Subject: [PATCH 063/129] Add BR: systemd for systemd.macros (RHBZ #1017665). --- awstats.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 1f52af8..013ae5e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -13,6 +13,8 @@ Patch1: awstats-7.0-httpd-2.4.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +# For systemd.macros +BuildRequires: systemd BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP @@ -149,6 +151,9 @@ fi %changelog +* Thu Oct 10 2013 Ralf Corsépius - 7.1.1-5 +- Add BR: systemd for systemd.macros (RHBZ #1017665). + * Sat Aug 03 2013 Fedora Release Engineering - 7.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild From 4e184fb7a29cf46946ecdfdee091fcb79c0f2a94 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 6 Jun 2014 21:22:25 -0500 Subject: [PATCH 064/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 013ae5e..7c8e226 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.1.1 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv2 Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Sat Jun 07 2014 Fedora Release Engineering - 7.1.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Thu Oct 10 2013 Ralf Corsépius - 7.1.1-5 - Add BR: systemd for systemd.macros (RHBZ #1017665). From 568752f4c99584e2bb497ccc60c268293965a2e9 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 9 Jun 2014 15:42:06 +0200 Subject: [PATCH 065/129] awstats-7.2-1 --- .gitignore | 1 + awstats.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index cf08795..fdccc91 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ awstats-7.0.tar.gz /awstats-7.1.tar.gz /awstats-7.1.1.tar.gz +/awstats-7.2.tar.gz diff --git a/awstats.spec b/awstats.spec index 7c8e226..7b15858 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,8 +1,8 @@ Name: awstats -Version: 7.1.1 -Release: 6%{?dist} +Version: 7.2 +Release: 1%{?dist} Summary: Advanced Web Statistics -License: GPLv2 +License: GPLv3+ Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz @@ -151,6 +151,9 @@ fi %changelog +* Mon Jun 09 2014 Petr Lautrbach 7.2-1 +- version 7.2 + * Sat Jun 07 2014 Fedora Release Engineering - 7.1.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild diff --git a/sources b/sources index abc2f0b..76da7a8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -bbec0233a83cf6ac1eebcf91b555aae7 awstats-7.1.1.tar.gz +0608ee882bc4a7088e9d588e887846c5 awstats-7.2.tar.gz From 9eb2decbff55ef83ac4c105448bf800f27e56f26 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 27 Aug 2014 01:24:08 +0200 Subject: [PATCH 066/129] Perl 5.20 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 7b15858..0ee1ab8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Tue Aug 26 2014 Jitka Plesnikova - 7.2-2 +- Perl 5.20 rebuild + * Mon Jun 09 2014 Petr Lautrbach 7.2-1 - version 7.2 From b1fe644aa517142d4e0eee5c7dde68ef92fd2932 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 3 Sep 2014 23:19:05 +0200 Subject: [PATCH 067/129] awstats-7.3-1 --- .gitignore | 1 + awstats.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index fdccc91..964b750 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ awstats-7.0.tar.gz /awstats-7.1.tar.gz /awstats-7.1.1.tar.gz /awstats-7.2.tar.gz +/awstats-7.3.tar.gz diff --git a/awstats.spec b/awstats.spec index 0ee1ab8..9cd46f5 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.2 -Release: 2%{?dist} +Version: 7.3 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Wed Sep 03 2014 Petr Lautrbach 7.3-1 +- version 7.3 + * Tue Aug 26 2014 Jitka Plesnikova - 7.2-2 - Perl 5.20 rebuild diff --git a/sources b/sources index 76da7a8..938187f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0608ee882bc4a7088e9d588e887846c5 awstats-7.2.tar.gz +a76bf324d8836a8ba97f13a3c20ec6bc awstats-7.3.tar.gz From 7a3145031b15ecb3b5bd952d419c28f34a779121 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Fri, 5 Sep 2014 16:56:53 +0200 Subject: [PATCH 068/129] Perl 5.20 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 9cd46f5..cc0cb7c 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.3 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Fri Sep 05 2014 Jitka Plesnikova - 7.3-2 +- Perl 5.20 rebuild + * Wed Sep 03 2014 Petr Lautrbach 7.3-1 - version 7.3 From 49319fb90b298517764e2b4e932489d35a7e7d5d Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 3 Jun 2015 19:17:49 +0200 Subject: [PATCH 069/129] Perl 5.22 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index cc0cb7c..2b4de7e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.3 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Wed Jun 03 2015 Jitka Plesnikova - 7.3-3 +- Perl 5.22 rebuild + * Fri Sep 05 2014 Jitka Plesnikova - 7.3-2 - Perl 5.20 rebuild From 7fccb34177efe761f2ff3c0701b066a1ed80e9a1 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 17 Jun 2015 01:28:42 +0000 Subject: [PATCH 070/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 2b4de7e..2aff7b6 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.3 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Wed Jun 17 2015 Fedora Release Engineering - 7.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Wed Jun 03 2015 Jitka Plesnikova - 7.3-3 - Perl 5.22 rebuild From 295b109b6aa01924a0608e6ff658433aeccba73d Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 11 Sep 2015 09:21:40 +0200 Subject: [PATCH 071/129] awstats-7.4-1 --- .gitignore | 1 + awstats.spec | 9 ++++++--- sources | 1 + 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 964b750..f0aeb1f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ awstats-7.0.tar.gz /awstats-7.1.1.tar.gz /awstats-7.2.tar.gz /awstats-7.3.tar.gz +/awstats-7.4.tar.gz diff --git a/awstats.spec b/awstats.spec index 2aff7b6..b16013d 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.3 -Release: 4%{?dist} +Version: 7.4 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -140,7 +140,7 @@ fi %{_datadir}/%{name}/wwwroot/cgi-bin # Different defattr to fix lots of files which should not be +x. %defattr(644,root,root,755) -%doc README.TXT docs/* +%doc README.md docs/* %{_datadir}/%{name}/lang %{_datadir}/%{name}/lib %{_datadir}/%{name}/plugins @@ -151,6 +151,9 @@ fi %changelog +* Fri Sep 11 2015 Petr Lautrbach 7.4-1 +- version 7.4 + * Wed Jun 17 2015 Fedora Release Engineering - 7.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/sources b/sources index 938187f..5e45f86 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ a76bf324d8836a8ba97f13a3c20ec6bc awstats-7.3.tar.gz +2ff8854a471947578ba98f43e9d0db95 awstats-7.4.tar.gz From 9e2f64f89decc1f86609c4711a2818cb035990a2 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 3 Feb 2016 16:47:59 +0000 Subject: [PATCH 072/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index b16013d..13a5240 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.4 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -151,6 +151,9 @@ fi %changelog +* Wed Feb 03 2016 Fedora Release Engineering - 7.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Fri Sep 11 2015 Petr Lautrbach 7.4-1 - version 7.4 From 3875d9c70f27ca1a914231c74b315544a7a5296d Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Thu, 25 Feb 2016 14:11:35 +0100 Subject: [PATCH 073/129] awstats-7.4-3.fc25 replace logos with Copyright and Trademark problem by unknown.png https://bugzilla.redhat.com/show_bug.cgi?id=1196549 --- awstats.spec | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 13a5240..1442e43 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.4 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -108,6 +108,13 @@ install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/% # Cron job install -m 0750 -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} +# replace logos with Copyright and Trademark problem by unknown.png +# https://bugzilla.redhat.com/show_bug.cgi?id=1196549 +cd $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/icon +for i in browser/adobe.png browser/seamonkey.png os/win*.png os/macos*.png cpu/intel.png cpu/ibm.png; do + cp -v os/unknown.png $i +done +cd - %clean rm -rf $RPM_BUILD_ROOT @@ -151,6 +158,9 @@ fi %changelog +* Thu Feb 25 2016 Petr Lautrbach 7.4-3 +- replace logos with Copyright and Trademark problem by unknown.png (#1196549) + * Wed Feb 03 2016 Fedora Release Engineering - 7.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild From 1b28cd0e39be6488a953dfb638b8dcbdadb12158 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Sat, 14 May 2016 23:32:52 +0200 Subject: [PATCH 074/129] Perl 5.24 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 1442e43..2b702f8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.4 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -158,6 +158,9 @@ fi %changelog +* Sat May 14 2016 Jitka Plesnikova - 7.4-4 +- Perl 5.24 rebuild + * Thu Feb 25 2016 Petr Lautrbach 7.4-3 - replace logos with Copyright and Trademark problem by unknown.png (#1196549) From a0d181e2b0d0ebafb799182783d771f2da242af9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Fri, 24 Jun 2016 10:15:06 +0200 Subject: [PATCH 075/129] Mandatory Perl build-requires added --- awstats.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/awstats.spec b/awstats.spec index 2b702f8..d5e233a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -14,6 +14,7 @@ Patch1: awstats-7.0-httpd-2.4.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) # For systemd.macros +BuildRequires: perl-generators BuildRequires: systemd BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) From 602edfa9b4ee1900baec9ac870f6cd9c2d392445 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Fri, 22 Jul 2016 14:22:49 +0200 Subject: [PATCH 076/129] Fix FTBFS when perl is not in the SRPM build root --- awstats.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index d5e233a..cca550c 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.4 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -14,6 +14,9 @@ Patch1: awstats-7.0-httpd-2.4.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) # For systemd.macros +BuildRequires: coreutils +BuildRequires: findutils +BuildRequires: perl BuildRequires: perl-generators BuildRequires: systemd BuildRequires: recode @@ -159,6 +162,9 @@ fi %changelog +* Fri Jul 22 2016 Jitka Plesnikova - 7.4-5 +- Fix FTBFS when perl is not in the SRPM build root + * Sat May 14 2016 Jitka Plesnikova - 7.4-4 - Perl 5.24 rebuild From d5fa7aab6211bfc43c08208e294c3f940220d806 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 10 Feb 2017 06:39:40 +0000 Subject: [PATCH 077/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index cca550c..64a41d9 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.4 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Fri Feb 10 2017 Fedora Release Engineering - 7.4-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + * Fri Jul 22 2016 Jitka Plesnikova - 7.4-5 - Fix FTBFS when perl is not in the SRPM build root From 0785cefadcef600595c2f14d1570693977123da1 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 12 Apr 2017 13:30:34 +0200 Subject: [PATCH 078/129] awstats-7.6-1 --- .gitignore | 1 + awstats.spec | 7 +++++-- sources | 3 +-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index f0aeb1f..452eb0a 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ awstats-7.0.tar.gz /awstats-7.2.tar.gz /awstats-7.3.tar.gz /awstats-7.4.tar.gz +/awstats-7.6.tar.gz diff --git a/awstats.spec b/awstats.spec index 64a41d9..93521ce 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.4 -Release: 6%{?dist} +Version: 7.6 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -162,6 +162,9 @@ fi %changelog +* Wed Apr 12 2017 Petr Lautrbach - 7.6-1 +- version 7.6 + * Fri Feb 10 2017 Fedora Release Engineering - 7.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/sources b/sources index 5e45f86..fb6bcc0 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -a76bf324d8836a8ba97f13a3c20ec6bc awstats-7.3.tar.gz -2ff8854a471947578ba98f43e9d0db95 awstats-7.4.tar.gz +SHA512 (awstats-7.6.tar.gz) = ebce29dcbdc1f0eef68f1faf6a511212daba3e3621db682dce692dffa584e0c456fb260b9f8e1b7ac25a2a7d5d2bea5034692d2395d4e56a16fa5a36844c79d5 From 58cdd8cb3764cb86217b1e358b14677d8a13865a Mon Sep 17 00:00:00 2001 From: Chris Caron Date: Tue, 23 May 2017 13:55:13 +0200 Subject: [PATCH 079/129] Update spec file so it can be built on el6, el7 and Fedora --- awstats.spec | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 93521ce..cc28c48 100644 --- a/awstats.spec +++ b/awstats.spec @@ -8,23 +8,34 @@ URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Source1: %{name}.cron Patch0: awstats-awredir.pl-sanitize-parameters.patch + +%if 0%{?rhel} == 7 || 0%{?fedora} # fix configuration for httpd 2.4 (#871366) Patch1: awstats-7.0-httpd-2.4.patch +%endif + +# distribution specific definitions +%define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -# For systemd.macros BuildRequires: coreutils BuildRequires: findutils BuildRequires: perl BuildRequires: perl-generators -BuildRequires: systemd BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP Requires: crontabs Requires(post): perl + +%if %use_systemd +# For systemd.macros +BuildRequires: systemd Requires(postun): systemd +%else +Requires(postun): /sbin/service +%endif ## SELinux policy is now included upstream Obsoletes: awstats-selinux < 6.8-1 @@ -51,7 +62,9 @@ http://localhost/awstats/awstats.pl %prep %setup -q %patch0 -p 1 +%if 0%{?rhel} == 7 || 0%{?fedora} %patch1 -p 1 +%endif # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -135,7 +148,13 @@ if [ $1 -eq 1 ]; then fi %postun +%if %use_systemd %systemd_postun_with_restart httpd.service +%else +if [ $1 -ne 0 ]; then + /sbin/service httpd condrestart >/dev/null 2>&1 +fi +%endif %files From 8b0cb1db93da782683d488199bbabc75f6998b26 Mon Sep 17 00:00:00 2001 From: Chris Caron Date: Tue, 23 May 2017 14:02:15 +0200 Subject: [PATCH 080/129] Move the cron file to awstats-cron --- awstats.spec | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index cc28c48..fa63385 100644 --- a/awstats.spec +++ b/awstats.spec @@ -59,6 +59,17 @@ With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl +%package cron +Group: Applications/System +Summary: Provides cron entry for awstats +Requires: %{name} +Obsoletes: awstats <= 7.6-1 + +%description cron +awstats comes with a cron entry that is set to run hourly. +This is very useful for system admins who don't run any +out of the ordinary configuration. + %prep %setup -q %patch0 -p 1 @@ -156,12 +167,14 @@ if [ $1 -ne 0 ]; then fi %endif +%files cron +%defattr(-,root,root,755) +%config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} %files %defattr(-,root,root,755) # Apache configuration file %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf -%config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} %config(noreplace) %{_sysconfdir}/%{name}/ %{_localstatedir}/lib/%{name} %dir %{_datadir}/%{name} From 5d0e884730cef4da6d7a8be1f3ef54d73a8169c8 Mon Sep 17 00:00:00 2001 From: Chris Caron Date: Tue, 23 May 2017 14:03:10 +0200 Subject: [PATCH 081/129] Update default path to be more compatible with Linux distro --- awstats-awstats_path.patch | 38 ++++++++++++++++++++++++++++++++++++++ awstats.spec | 3 +++ 2 files changed, 41 insertions(+) create mode 100644 awstats-awstats_path.patch diff --git a/awstats-awstats_path.patch b/awstats-awstats_path.patch new file mode 100644 index 0000000..ba708d6 --- /dev/null +++ b/awstats-awstats_path.patch @@ -0,0 +1,38 @@ +From: Chris Caron +Date: Tue, 29 Nov 2016 20:33:53 -0500 +Subject: update default path to be more compatible with Linux distro +Website: http://nuxref.com + +Make it so you don't have to pass in the -awstats=/path/to/awstats.pl +every time any script is called. + +--- + +diff -Naur awstats-7.4/tools/awstats_buildstaticpages.pl awstats-7.4.patched/tools/awstats_buildstaticpages.pl +--- awstats-7.4/tools/awstats_buildstaticpages.pl 2014-09-23 03:16:09.000000000 -0400 ++++ awstats-7.4.patched/tools/awstats_buildstaticpages.pl 2016-11-29 20:33:53.203777945 -0500 +@@ -299,6 +299,10 @@ + # Check if AWSTATS prog is found + my $AwstatsFound=0; + if (-s "$Awstats") { $AwstatsFound=1; } ++elsif (-s "/usr/share/awstats/wwwroot/cgi-bin/awstats.pl") { ++ $Awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl"; ++ $AwstatsFound=1; ++} + elsif (-s "/usr/local/awstats/wwwroot/cgi-bin/awstats.pl") { + $Awstats="/usr/local/awstats/wwwroot/cgi-bin/awstats.pl"; + $AwstatsFound=1; +diff -Naur awstats-7.4/tools/awstats_updateall.pl awstats-7.4.patched/tools/awstats_updateall.pl +--- awstats-7.4/tools/awstats_updateall.pl 2014-09-23 03:16:09.000000000 -0400 ++++ awstats-7.4.patched/tools/awstats_updateall.pl 2016-11-29 20:34:58.026745752 -0500 +@@ -129,6 +129,10 @@ + # Check if AWSTATS prog is found + my $AwstatsFound=0; + if (-s "$Awstats") { $AwstatsFound=1; } ++ elsif (-s "/usr/share/awstats/wwwroot/cgi-bin/awstats.pl") { ++ $Awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl"; ++ $AwstatsFound=1; ++ } + elsif (-s "/usr/local/awstats/wwwroot/cgi-bin/awstats.pl") { + $Awstats="/usr/local/awstats/wwwroot/cgi-bin/awstats.pl"; + $AwstatsFound=1; diff --git a/awstats.spec b/awstats.spec index fa63385..b47c35e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -14,6 +14,8 @@ Patch0: awstats-awredir.pl-sanitize-parameters.patch Patch1: awstats-7.0-httpd-2.4.patch %endif +Patch2: awstats-awstats_path.patch + # distribution specific definitions %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) @@ -76,6 +78,7 @@ out of the ordinary configuration. %if 0%{?rhel} == 7 || 0%{?fedora} %patch1 -p 1 %endif +%patch2 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* From 494bbe43da0036232b7d3c75e2cc036ea8bbb90a Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 24 May 2017 07:46:39 +0200 Subject: [PATCH 082/129] awstats-7.6-2 - Move cron file to awstats-cron - Update default path to be more compatible with Linux distro --- awstats.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index b47c35e..5d030d0 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -197,6 +197,10 @@ fi %changelog +* Tue May 23 2017 Petr Lautrbach - 7.6-2 +- Move cron file to awstats-cron +- Update default path to be more compatible with Linux distro + * Wed Apr 12 2017 Petr Lautrbach - 7.6-1 - version 7.6 From cc73d70abc491ef1b6dea87e1901203f78522713 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 30 May 2017 08:54:41 +0200 Subject: [PATCH 083/129] Revert "Move the cron file to awstats-cron" This reverts commit 8b0cb1db93da782683d488199bbabc75f6998b26. We need to solve upgrade path for current users of the cron file first. --- awstats.spec | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/awstats.spec b/awstats.spec index 5d030d0..00f1731 100644 --- a/awstats.spec +++ b/awstats.spec @@ -61,17 +61,6 @@ With the default configuration, the statistics are available: http://localhost/awstats/awstats.pl -%package cron -Group: Applications/System -Summary: Provides cron entry for awstats -Requires: %{name} -Obsoletes: awstats <= 7.6-1 - -%description cron -awstats comes with a cron entry that is set to run hourly. -This is very useful for system admins who don't run any -out of the ordinary configuration. - %prep %setup -q %patch0 -p 1 @@ -170,14 +159,12 @@ if [ $1 -ne 0 ]; then fi %endif -%files cron -%defattr(-,root,root,755) -%config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} %files %defattr(-,root,root,755) # Apache configuration file %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf +%config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} %config(noreplace) %{_sysconfdir}/%{name}/ %{_localstatedir}/lib/%{name} %dir %{_datadir}/%{name} From ea14dcb440e1a8ab15a15c352f6fcee2f9869f75 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 30 May 2017 08:59:23 +0200 Subject: [PATCH 084/129] awstats-7.6-3 - Revert "Move cron file to awstats-cron" --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 00f1731..fd2adbf 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -184,6 +184,9 @@ fi %changelog +* Tue May 30 2017 Petr Lautrbach - 7.6-3 +- Revert "Move cron file to awstats-cron" + * Tue May 23 2017 Petr Lautrbach - 7.6-2 - Move cron file to awstats-cron - Update default path to be more compatible with Linux distro From bd7c4c4253212862f3b864b20f31d5e9e80d1e02 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Sun, 4 Jun 2017 14:35:48 +0200 Subject: [PATCH 085/129] Perl 5.26 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index fd2adbf..8c7b3b8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -184,6 +184,9 @@ fi %changelog +* Sun Jun 04 2017 Jitka Plesnikova - 7.6-4 +- Perl 5.26 rebuild + * Tue May 30 2017 Petr Lautrbach - 7.6-3 - Revert "Move cron file to awstats-cron" From 2f508ddcc4d10c604f79c7a1f2d8d997f6c46063 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Thu, 13 Jul 2017 10:45:54 +0200 Subject: [PATCH 086/129] perl dependency renamed to perl-interpreter --- awstats.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 8c7b3b8..4a1973f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -23,7 +23,7 @@ BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: coreutils BuildRequires: findutils -BuildRequires: perl +BuildRequires: perl-interpreter BuildRequires: perl-generators BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) @@ -184,6 +184,10 @@ fi %changelog +* Thu Jul 13 2017 Petr Pisar - 7.6-5 +- perl dependency renamed to perl-interpreter + + * Sun Jun 04 2017 Jitka Plesnikova - 7.6-4 - Perl 5.26 rebuild From da82ce97da98889e05df0f86b7110ae87d6d55e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Fri, 14 Jul 2017 10:23:36 +0200 Subject: [PATCH 087/129] perl dependency renamed to perl-interpreter manually --- awstats.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 4a1973f..4e45991 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -29,7 +29,7 @@ BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP Requires: crontabs -Requires(post): perl +Requires(post): perl-interpreter %if %use_systemd # For systemd.macros @@ -184,6 +184,10 @@ fi %changelog +* Fri Jul 14 2017 Petr Pisar - 7.6-6 +- perl dependency renamed to perl-interpreter manually + + * Thu Jul 13 2017 Petr Pisar - 7.6-5 - perl dependency renamed to perl-interpreter From a52007af463ac9162e0826e401532ab472c6141c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 26 Jul 2017 03:40:33 +0000 Subject: [PATCH 088/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 4e45991..24a15c8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -184,6 +184,9 @@ fi %changelog +* Wed Jul 26 2017 Fedora Release Engineering - 7.6-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + * Fri Jul 14 2017 Petr Pisar - 7.6-6 - perl dependency renamed to perl-interpreter manually From 9a764ca2a23d354453efcc23d96ea7bc822a46d5 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Jan 2018 15:26:46 +0100 Subject: [PATCH 089/129] Fix two path traversal flaws were discovered in awstats Fixes: CVE-2017-1000501 https://bugzilla.redhat.com/show_bug.cgi?id=1529349 --- ...orted-by-cPanel-Security-Team-can-ex.patch | 71 +++++++++++++++++++ ...erability-reported-by-cPanel-Securit.patch | 70 ++++++++++++++++++ awstats.spec | 4 ++ 3 files changed, 145 insertions(+) create mode 100644 FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch create mode 100644 Fix-another-vulnerability-reported-by-cPanel-Securit.patch diff --git a/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch b/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch new file mode 100644 index 0000000..1233b64 --- /dev/null +++ b/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch @@ -0,0 +1,71 @@ +From cf219843a74c951bf5986f3a7fffa3dcf99c3899 Mon Sep 17 00:00:00 2001 +From: Laurent Destailleur +Date: Sun, 17 Dec 2017 12:55:48 +0100 +Subject: [PATCH] FIX Security reported by cPanel Security Team (can execute + arbitraty code) + +--- + wwwroot/cgi-bin/awstats.pl | 19 ++++++++++++++----- + 1 file changed, 14 insertions(+), 5 deletions(-) + +diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl +index 091d6823..fca4900f 100755 +--- a/wwwroot/cgi-bin/awstats.pl ++++ b/wwwroot/cgi-bin/awstats.pl +@@ -1780,7 +1780,7 @@ sub Read_Config { + }else{if ($Debug){debug("Unable to open config file: $searchdir$SiteConfig", 2);}} + } + +- #CL - Added to open config if full path is passed to awstats ++ #CL - Added to open config if full path is passed to awstats + if ( !$FileConfig ) { + + my $SiteConfigBis = File::Spec->rel2abs($SiteConfig); +@@ -2205,7 +2205,10 @@ sub Parse_Config { + } + + # Plugins +- if ( $param =~ /^LoadPlugin/ ) { push @PluginsToLoad, $value; next; } ++ if ( $param =~ /^LoadPlugin/ ) { ++ $value =~ s/[^a-zA-Z0-9_\/\.\+:=\?\s%\-]//g; # Sanitize plugin name and string param because it is used later in an eval. ++ push @PluginsToLoad, $value; next; ++ } + + # Other parameter checks we need to put after MaxNbOfExtra and MinHitExtra + if ( $param =~ /^MaxNbOf(\w+)/ ) { $MaxNbOf{$1} = $value; next; } +@@ -3251,7 +3254,7 @@ sub Read_Plugins { + } + my $ret; # To get init return + my $initfunction = +- "\$ret=Init_$pluginname('$pluginparam')"; ++ "\$ret=Init_$pluginname('$pluginparam')"; # Note that pluginname and pluginparam were sanitized when reading cong file entry 'LoadPlugin' + my $initret = eval("$initfunction"); + if ( $initret && $initret eq 'xxx' ) { + $initret = +@@ -17140,7 +17143,10 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI + # No update but report by default when run from a browser + $UpdateStats = ( $QueryString =~ /update=1/i ? 1 : 0 ); + +- if ( $QueryString =~ /config=([^&]+)/i ) { $SiteConfig = &Sanitize("$1"); } ++ if ( $QueryString =~ /config=([^&]+)/i ) { ++ $SiteConfig = &Sanitize("$1"); ++ $SiteConfig =~ s/\.\.//g; # Avoid directory transversal ++ } + if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } + if ( $QueryString =~ /pluginmode=([^&]+)/i ) { + $PluginMode = &Sanitize( "$1", 1 ); +@@ -17227,7 +17233,10 @@ else { # Run from command line + # Update with no report by default when run from command line + $UpdateStats = 1; + +- if ( $QueryString =~ /config=([^&]+)/i ) { $SiteConfig = &Sanitize("$1"); } ++ if ( $QueryString =~ /config=([^&]+)/i ) { ++ $SiteConfig = &Sanitize("$1"); ++ $SiteConfig =~ s/\.\.//g; ++ } + if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } + if ( $QueryString =~ /pluginmode=([^&]+)/i ) { + $PluginMode = &Sanitize( "$1", 1 ); +-- +2.15.1 + diff --git a/Fix-another-vulnerability-reported-by-cPanel-Securit.patch b/Fix-another-vulnerability-reported-by-cPanel-Securit.patch new file mode 100644 index 0000000..3a3e588 --- /dev/null +++ b/Fix-another-vulnerability-reported-by-cPanel-Securit.patch @@ -0,0 +1,70 @@ +From 06c0ab29c1e5059d9e0279c6b64d573d619e1651 Mon Sep 17 00:00:00 2001 +From: Laurent Destailleur +Date: Wed, 27 Dec 2017 13:39:57 +0100 +Subject: [PATCH] Fix another vulnerability reported by cPanel Security Team + (can execute arbitraty code) + +--- + wwwroot/cgi-bin/awstats.pl | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl +index fca4900f..4f14c6ee 100755 +--- a/wwwroot/cgi-bin/awstats.pl ++++ b/wwwroot/cgi-bin/awstats.pl +@@ -17145,7 +17145,6 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI + + if ( $QueryString =~ /config=([^&]+)/i ) { + $SiteConfig = &Sanitize("$1"); +- $SiteConfig =~ s/\.\.//g; # Avoid directory transversal + } + if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } + if ( $QueryString =~ /pluginmode=([^&]+)/i ) { +@@ -17191,10 +17190,13 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI + # If migrate + if ( $QueryString =~ /(^|-|&|&)migrate=([^&]+)/i ) { + $MigrateStats = &Sanitize("$2"); ++ + $MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/; +- $SiteConfig = $5 ? $5 : 'xxx'; ++ $SiteConfig = &Sanitize($5 ? $5 : 'xxx'); + $SiteConfig =~ s/^\.//; # SiteConfig is used to find config file + } ++ ++ $SiteConfig =~ s/\.\.//g; # Avoid directory transversal + } + else { # Run from command line + $DebugMessages = 1; +@@ -17204,9 +17206,10 @@ else { # Run from command line + + # If migrate + if ( $ARGV[$_] =~ /(^|-|&|&)migrate=([^&]+)/i ) { +- $MigrateStats = "$2"; ++ $MigrateStats = &Sanitize("$2"); ++ + $MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/; +- $SiteConfig = $5 ? $5 : 'xxx'; ++ $SiteConfig = &Sanitize($5 ? $5 : 'xxx'); + $SiteConfig =~ s/^\.//; # SiteConfig is used to find config file + next; + } +@@ -17235,7 +17238,6 @@ else { # Run from command line + + if ( $QueryString =~ /config=([^&]+)/i ) { + $SiteConfig = &Sanitize("$1"); +- $SiteConfig =~ s/\.\.//g; + } + if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } + if ( $QueryString =~ /pluginmode=([^&]+)/i ) { +@@ -17301,6 +17303,8 @@ else { # Run from command line + $ShowDirectOrigin = 1; + $QueryString =~ s/showdirectorigin[^&]*//i; + } ++ ++ $SiteConfig =~ s/\.\.//g; + } + if ( $QueryString =~ /(^|&|&)staticlinks/i ) { + $StaticLinks = "$PROG.$SiteConfig"; +-- +2.15.1 + diff --git a/awstats.spec b/awstats.spec index 24a15c8..e54c670 100644 --- a/awstats.spec +++ b/awstats.spec @@ -15,6 +15,8 @@ Patch1: awstats-7.0-httpd-2.4.patch %endif Patch2: awstats-awstats_path.patch +Patch3: FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch +Patch4: Fix-another-vulnerability-reported-by-cPanel-Securit.patch # distribution specific definitions %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) @@ -68,6 +70,8 @@ http://localhost/awstats/awstats.pl %patch1 -p 1 %endif %patch2 -p 1 +%patch3 -p 1 +%patch4 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* From 58bf101083597c0142a6198e91da39443d54beae Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 2 Jan 2018 17:09:15 +0100 Subject: [PATCH 090/129] awstats-7.6-8 - Fix two path traversal issues in awstat.pl - CVE-2017-1000501 (#1529349) --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index e54c670..225f6b1 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.6 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -188,6 +188,9 @@ fi %changelog +* Tue Jan 02 2018 Petr Lautrbach - 7.6-8 +- Fix two path traversal issues in awstat.pl - CVE-2017-1000501 (#1529349) + * Wed Jul 26 2017 Fedora Release Engineering - 7.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild From 7ea2408d4a6e5d21a01919fbe74ef265f00326ed Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Mon, 8 Jan 2018 14:06:10 +0100 Subject: [PATCH 091/129] awstats-7.7-1 --- .gitignore | 1 + ...orted-by-cPanel-Security-Team-can-ex.patch | 71 ------------------- ...erability-reported-by-cPanel-Securit.patch | 70 ------------------ awstats.spec | 11 ++- sources | 2 +- 5 files changed, 7 insertions(+), 148 deletions(-) delete mode 100644 FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch delete mode 100644 Fix-another-vulnerability-reported-by-cPanel-Securit.patch diff --git a/.gitignore b/.gitignore index 452eb0a..ed55366 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ awstats-7.0.tar.gz /awstats-7.3.tar.gz /awstats-7.4.tar.gz /awstats-7.6.tar.gz +/awstats-7.7.tar.gz diff --git a/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch b/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch deleted file mode 100644 index 1233b64..0000000 --- a/FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch +++ /dev/null @@ -1,71 +0,0 @@ -From cf219843a74c951bf5986f3a7fffa3dcf99c3899 Mon Sep 17 00:00:00 2001 -From: Laurent Destailleur -Date: Sun, 17 Dec 2017 12:55:48 +0100 -Subject: [PATCH] FIX Security reported by cPanel Security Team (can execute - arbitraty code) - ---- - wwwroot/cgi-bin/awstats.pl | 19 ++++++++++++++----- - 1 file changed, 14 insertions(+), 5 deletions(-) - -diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl -index 091d6823..fca4900f 100755 ---- a/wwwroot/cgi-bin/awstats.pl -+++ b/wwwroot/cgi-bin/awstats.pl -@@ -1780,7 +1780,7 @@ sub Read_Config { - }else{if ($Debug){debug("Unable to open config file: $searchdir$SiteConfig", 2);}} - } - -- #CL - Added to open config if full path is passed to awstats -+ #CL - Added to open config if full path is passed to awstats - if ( !$FileConfig ) { - - my $SiteConfigBis = File::Spec->rel2abs($SiteConfig); -@@ -2205,7 +2205,10 @@ sub Parse_Config { - } - - # Plugins -- if ( $param =~ /^LoadPlugin/ ) { push @PluginsToLoad, $value; next; } -+ if ( $param =~ /^LoadPlugin/ ) { -+ $value =~ s/[^a-zA-Z0-9_\/\.\+:=\?\s%\-]//g; # Sanitize plugin name and string param because it is used later in an eval. -+ push @PluginsToLoad, $value; next; -+ } - - # Other parameter checks we need to put after MaxNbOfExtra and MinHitExtra - if ( $param =~ /^MaxNbOf(\w+)/ ) { $MaxNbOf{$1} = $value; next; } -@@ -3251,7 +3254,7 @@ sub Read_Plugins { - } - my $ret; # To get init return - my $initfunction = -- "\$ret=Init_$pluginname('$pluginparam')"; -+ "\$ret=Init_$pluginname('$pluginparam')"; # Note that pluginname and pluginparam were sanitized when reading cong file entry 'LoadPlugin' - my $initret = eval("$initfunction"); - if ( $initret && $initret eq 'xxx' ) { - $initret = -@@ -17140,7 +17143,10 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI - # No update but report by default when run from a browser - $UpdateStats = ( $QueryString =~ /update=1/i ? 1 : 0 ); - -- if ( $QueryString =~ /config=([^&]+)/i ) { $SiteConfig = &Sanitize("$1"); } -+ if ( $QueryString =~ /config=([^&]+)/i ) { -+ $SiteConfig = &Sanitize("$1"); -+ $SiteConfig =~ s/\.\.//g; # Avoid directory transversal -+ } - if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } - if ( $QueryString =~ /pluginmode=([^&]+)/i ) { - $PluginMode = &Sanitize( "$1", 1 ); -@@ -17227,7 +17233,10 @@ else { # Run from command line - # Update with no report by default when run from command line - $UpdateStats = 1; - -- if ( $QueryString =~ /config=([^&]+)/i ) { $SiteConfig = &Sanitize("$1"); } -+ if ( $QueryString =~ /config=([^&]+)/i ) { -+ $SiteConfig = &Sanitize("$1"); -+ $SiteConfig =~ s/\.\.//g; -+ } - if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } - if ( $QueryString =~ /pluginmode=([^&]+)/i ) { - $PluginMode = &Sanitize( "$1", 1 ); --- -2.15.1 - diff --git a/Fix-another-vulnerability-reported-by-cPanel-Securit.patch b/Fix-another-vulnerability-reported-by-cPanel-Securit.patch deleted file mode 100644 index 3a3e588..0000000 --- a/Fix-another-vulnerability-reported-by-cPanel-Securit.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 06c0ab29c1e5059d9e0279c6b64d573d619e1651 Mon Sep 17 00:00:00 2001 -From: Laurent Destailleur -Date: Wed, 27 Dec 2017 13:39:57 +0100 -Subject: [PATCH] Fix another vulnerability reported by cPanel Security Team - (can execute arbitraty code) - ---- - wwwroot/cgi-bin/awstats.pl | 14 +++++++++----- - 1 file changed, 9 insertions(+), 5 deletions(-) - -diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl -index fca4900f..4f14c6ee 100755 ---- a/wwwroot/cgi-bin/awstats.pl -+++ b/wwwroot/cgi-bin/awstats.pl -@@ -17145,7 +17145,6 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI - - if ( $QueryString =~ /config=([^&]+)/i ) { - $SiteConfig = &Sanitize("$1"); -- $SiteConfig =~ s/\.\.//g; # Avoid directory transversal - } - if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } - if ( $QueryString =~ /pluginmode=([^&]+)/i ) { -@@ -17191,10 +17190,13 @@ if ( $ENV{'GATEWAY_INTERFACE'} ) { # Run from a browser as CGI - # If migrate - if ( $QueryString =~ /(^|-|&|&)migrate=([^&]+)/i ) { - $MigrateStats = &Sanitize("$2"); -+ - $MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/; -- $SiteConfig = $5 ? $5 : 'xxx'; -+ $SiteConfig = &Sanitize($5 ? $5 : 'xxx'); - $SiteConfig =~ s/^\.//; # SiteConfig is used to find config file - } -+ -+ $SiteConfig =~ s/\.\.//g; # Avoid directory transversal - } - else { # Run from command line - $DebugMessages = 1; -@@ -17204,9 +17206,10 @@ else { # Run from command line - - # If migrate - if ( $ARGV[$_] =~ /(^|-|&|&)migrate=([^&]+)/i ) { -- $MigrateStats = "$2"; -+ $MigrateStats = &Sanitize("$2"); -+ - $MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/; -- $SiteConfig = $5 ? $5 : 'xxx'; -+ $SiteConfig = &Sanitize($5 ? $5 : 'xxx'); - $SiteConfig =~ s/^\.//; # SiteConfig is used to find config file - next; - } -@@ -17235,7 +17238,6 @@ else { # Run from command line - - if ( $QueryString =~ /config=([^&]+)/i ) { - $SiteConfig = &Sanitize("$1"); -- $SiteConfig =~ s/\.\.//g; - } - if ( $QueryString =~ /diricons=([^&]+)/i ) { $DirIcons = "$1"; } - if ( $QueryString =~ /pluginmode=([^&]+)/i ) { -@@ -17301,6 +17303,8 @@ else { # Run from command line - $ShowDirectOrigin = 1; - $QueryString =~ s/showdirectorigin[^&]*//i; - } -+ -+ $SiteConfig =~ s/\.\.//g; - } - if ( $QueryString =~ /(^|&|&)staticlinks/i ) { - $StaticLinks = "$PROG.$SiteConfig"; --- -2.15.1 - diff --git a/awstats.spec b/awstats.spec index 225f6b1..ed0b542 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.6 -Release: 8%{?dist} +Version: 7.7 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -15,8 +15,6 @@ Patch1: awstats-7.0-httpd-2.4.patch %endif Patch2: awstats-awstats_path.patch -Patch3: FIX-Security-reported-by-cPanel-Security-Team-can-ex.patch -Patch4: Fix-another-vulnerability-reported-by-cPanel-Securit.patch # distribution specific definitions %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) @@ -70,8 +68,6 @@ http://localhost/awstats/awstats.pl %patch1 -p 1 %endif %patch2 -p 1 -%patch3 -p 1 -%patch4 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -188,6 +184,9 @@ fi %changelog +* Mon Jan 08 2018 Petr Lautrbach - 7.7-1 +- Version 7.7 + * Tue Jan 02 2018 Petr Lautrbach - 7.6-8 - Fix two path traversal issues in awstat.pl - CVE-2017-1000501 (#1529349) diff --git a/sources b/sources index fb6bcc0..a8fba76 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (awstats-7.6.tar.gz) = ebce29dcbdc1f0eef68f1faf6a511212daba3e3621db682dce692dffa584e0c456fb260b9f8e1b7ac25a2a7d5d2bea5034692d2395d4e56a16fa5a36844c79d5 +SHA512 (awstats-7.7.tar.gz) = 8bf32b0650ef0cc900a16eead866da3847d81c2696e7a90fb49833679c958768833d781e5b4becd9b4f6748c7266e2887ff7ff33d98293ce3a0296a810fbe899 From f8dd1fa770d67d4f01a800cd00848e7ac2c151d3 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 7 Feb 2018 03:28:25 +0000 Subject: [PATCH 092/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index ed0b542..6352eb4 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -184,6 +184,9 @@ fi %changelog +* Wed Feb 07 2018 Fedora Release Engineering - 7.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + * Mon Jan 08 2018 Petr Lautrbach - 7.7-1 - Version 7.7 From 88af95f6d69a407e57e5b1124da72d6a2df94382 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 13 Feb 2018 23:04:59 +0100 Subject: [PATCH 093/129] Remove BuildRoot definition None of currently supported distributions need that. It was needed last for EL5 which is EOL now Signed-off-by: Igor Gnatenko --- awstats.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 6352eb4..4e2e48b 100644 --- a/awstats.spec +++ b/awstats.spec @@ -20,7 +20,6 @@ Patch2: awstats-awstats_path.patch %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) BuildArch: noarch -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: coreutils BuildRequires: findutils BuildRequires: perl-interpreter From a2caf3eb9d2cd7d27d1053cdf9b2be63fb2090c0 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Wed, 14 Feb 2018 07:52:29 +0100 Subject: [PATCH 094/129] Remove %clean section None of currently supported distributions need that. Last one was EL5 which is EOL for a while. Signed-off-by: Igor Gnatenko --- awstats.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/awstats.spec b/awstats.spec index 4e2e48b..2bddce1 100644 --- a/awstats.spec +++ b/awstats.spec @@ -135,9 +135,6 @@ for i in browser/adobe.png browser/seamonkey.png os/win*.png os/macos*.png cpu/i done cd - -%clean -rm -rf $RPM_BUILD_ROOT - %post if [ $1 -eq 1 ]; then From d5cbadd8a931f57efaef48d11f49f4df2eb31379 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 27 Jun 2018 21:27:07 +0200 Subject: [PATCH 095/129] Perl 5.28 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 2bddce1..e09cf7a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -180,6 +180,9 @@ fi %changelog +* Wed Jun 27 2018 Jitka Plesnikova - 7.7-3 +- Perl 5.28 rebuild + * Wed Feb 07 2018 Fedora Release Engineering - 7.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild From dacb8a8b214614712c609c2c4d105dd6f30f60a2 Mon Sep 17 00:00:00 2001 From: Jason Tibbitts Date: Tue, 10 Jul 2018 00:15:39 -0500 Subject: [PATCH 096/129] Remove needless use of %defattr --- awstats.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index e09cf7a..baec518 100644 --- a/awstats.spec +++ b/awstats.spec @@ -157,7 +157,6 @@ fi %files -%defattr(-,root,root,755) # Apache configuration file %config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf %config(noreplace) %attr(750,root,root) %{_sysconfdir}/cron.hourly/%{name} From 44ce0d3e8df67ee4cf65b91d71fe027eae94111f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 12 Jul 2018 20:52:22 +0000 Subject: [PATCH 097/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index baec518..352d75e 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ Group: Applications/Internet @@ -179,6 +179,9 @@ fi %changelog +* Thu Jul 12 2018 Fedora Release Engineering - 7.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Wed Jun 27 2018 Jitka Plesnikova - 7.7-3 - Perl 5.28 rebuild From e26c1fc0d968da73b07af00f240f633384920c92 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Mon, 28 Jan 2019 20:17:39 +0100 Subject: [PATCH 098/129] Remove obsolete Group tag References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag --- awstats.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 352d75e..9b55616 100644 --- a/awstats.spec +++ b/awstats.spec @@ -3,7 +3,6 @@ Version: 7.7 Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ -Group: Applications/Internet URL: http://awstats.sourceforge.net Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Source1: %{name}.cron From 2172faf890ad4285b07c1d3fa8ec91bd195da7b9 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 31 Jan 2019 14:18:13 +0000 Subject: [PATCH 099/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 9b55616..ced7549 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Thu Jan 31 2019 Fedora Release Engineering - 7.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Thu Jul 12 2018 Fedora Release Engineering - 7.7-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild From c5f34890257c4933eb55a50b5ee308ec4886fac8 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Thu, 30 May 2019 14:04:28 +0200 Subject: [PATCH 100/129] Perl 5.30 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index ced7549..21be088 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Thu May 30 2019 Jitka Plesnikova - 7.7-6 +- Perl 5.30 rebuild + * Thu Jan 31 2019 Fedora Release Engineering - 7.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild From abbf3c24fde7d712fa2efcdcdb5fdeb634e7b81c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 24 Jul 2019 18:56:04 +0000 Subject: [PATCH 101/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 21be088..3f2ec09 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Wed Jul 24 2019 Fedora Release Engineering - 7.7-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Thu May 30 2019 Jitka Plesnikova - 7.7-6 - Perl 5.30 rebuild From 380df24dafde543f59f27f1ab3efaba3e9dae221 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 28 Jan 2020 12:36:09 +0000 Subject: [PATCH 102/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 3f2ec09..60e263f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Tue Jan 28 2020 Fedora Release Engineering - 7.7-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Wed Jul 24 2019 Fedora Release Engineering - 7.7-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild From ccb5d31bc537b01885fb3697507d8165346f1474 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Mon, 22 Jun 2020 17:53:28 +0200 Subject: [PATCH 103/129] Perl 5.32 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 60e263f..43b1865 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Mon Jun 22 2020 Jitka Plesnikova - 7.7-9 +- Perl 5.32 rebuild + * Tue Jan 28 2020 Fedora Release Engineering - 7.7-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From 8901f70547d3e09a645c13b1c71482d2447a04c1 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Fri, 26 Jun 2020 17:28:36 +0200 Subject: [PATCH 104/129] Perl 5.32 re-rebuild of bootstrapped packages --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 43b1865..d7fbda8 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Fri Jun 26 2020 Jitka Plesnikova - 7.7-10 +- Perl 5.32 re-rebuild of bootstrapped packages + * Mon Jun 22 2020 Jitka Plesnikova - 7.7-9 - Perl 5.32 rebuild From 22249c0ff40c5df0fa3afeacc588f6430e46412b Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Mon, 27 Jul 2020 12:49:06 +0000 Subject: [PATCH 105/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index d7fbda8..2e6ef0b 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.7 -Release: 10%{?dist} +Release: 11%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -178,6 +178,9 @@ fi %changelog +* Mon Jul 27 2020 Fedora Release Engineering - 7.7-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Fri Jun 26 2020 Jitka Plesnikova - 7.7-10 - Perl 5.32 re-rebuild of bootstrapped packages From 7bcf539103b804e7aa5cedc141e81b90366211ef Mon Sep 17 00:00:00 2001 From: Tim Jackson Date: Sun, 9 Aug 2020 23:01:33 +0200 Subject: [PATCH 106/129] Update to 7.8 Fix a few rpmlint issues --- .gitignore | 1 + awstats-awstats_path.patch | 38 ------------------------------------- awstats.spec | 39 +++++++++++++++++++------------------- sources | 2 +- 4 files changed, 22 insertions(+), 58 deletions(-) delete mode 100644 awstats-awstats_path.patch diff --git a/.gitignore b/.gitignore index ed55366..f81cfd7 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ awstats-7.0.tar.gz /awstats-7.4.tar.gz /awstats-7.6.tar.gz /awstats-7.7.tar.gz +/awstats-7.8.tar.gz diff --git a/awstats-awstats_path.patch b/awstats-awstats_path.patch deleted file mode 100644 index ba708d6..0000000 --- a/awstats-awstats_path.patch +++ /dev/null @@ -1,38 +0,0 @@ -From: Chris Caron -Date: Tue, 29 Nov 2016 20:33:53 -0500 -Subject: update default path to be more compatible with Linux distro -Website: http://nuxref.com - -Make it so you don't have to pass in the -awstats=/path/to/awstats.pl -every time any script is called. - ---- - -diff -Naur awstats-7.4/tools/awstats_buildstaticpages.pl awstats-7.4.patched/tools/awstats_buildstaticpages.pl ---- awstats-7.4/tools/awstats_buildstaticpages.pl 2014-09-23 03:16:09.000000000 -0400 -+++ awstats-7.4.patched/tools/awstats_buildstaticpages.pl 2016-11-29 20:33:53.203777945 -0500 -@@ -299,6 +299,10 @@ - # Check if AWSTATS prog is found - my $AwstatsFound=0; - if (-s "$Awstats") { $AwstatsFound=1; } -+elsif (-s "/usr/share/awstats/wwwroot/cgi-bin/awstats.pl") { -+ $Awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl"; -+ $AwstatsFound=1; -+} - elsif (-s "/usr/local/awstats/wwwroot/cgi-bin/awstats.pl") { - $Awstats="/usr/local/awstats/wwwroot/cgi-bin/awstats.pl"; - $AwstatsFound=1; -diff -Naur awstats-7.4/tools/awstats_updateall.pl awstats-7.4.patched/tools/awstats_updateall.pl ---- awstats-7.4/tools/awstats_updateall.pl 2014-09-23 03:16:09.000000000 -0400 -+++ awstats-7.4.patched/tools/awstats_updateall.pl 2016-11-29 20:34:58.026745752 -0500 -@@ -129,6 +129,10 @@ - # Check if AWSTATS prog is found - my $AwstatsFound=0; - if (-s "$Awstats") { $AwstatsFound=1; } -+ elsif (-s "/usr/share/awstats/wwwroot/cgi-bin/awstats.pl") { -+ $Awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl"; -+ $AwstatsFound=1; -+ } - elsif (-s "/usr/local/awstats/wwwroot/cgi-bin/awstats.pl") { - $Awstats="/usr/local/awstats/wwwroot/cgi-bin/awstats.pl"; - $AwstatsFound=1; diff --git a/awstats.spec b/awstats.spec index 2e6ef0b..bb71164 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.7 -Release: 11%{?dist} +Version: 7.8 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -8,13 +8,11 @@ Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/ Source1: %{name}.cron Patch0: awstats-awredir.pl-sanitize-parameters.patch -%if 0%{?rhel} == 7 || 0%{?fedora} +%if 0%{?rhel} >= 7 || 0%{?fedora} # fix configuration for httpd 2.4 (#871366) Patch1: awstats-7.0-httpd-2.4.patch %endif -Patch2: awstats-awstats_path.patch - # distribution specific definitions %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) @@ -26,7 +24,7 @@ BuildRequires: perl-generators BuildRequires: recode Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP -Requires: crontabs +Requires: crontabs Requires(post): perl-interpreter %if %use_systemd @@ -43,15 +41,15 @@ Provides: awstats-selinux = %{version}-%{release} %description -Advanced Web Statistics is a powerful and featureful tool that generates -advanced web server graphic statistics. This server log analyzer works -from command line or as a CGI and shows you all information your log contains, -in graphical web pages. It can analyze a lot of web/wap/proxy servers like -Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or ftp servers. +Advanced Web Statistics is a powerful and full-featured tool that generates +advanced web server graphical statistics. This server log analyzer works +from the command line or as a CGI and shows all information your log contains, +in graphical web pages. It can analyze a lot of web/wap/proxy servers such as +Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or FTP servers. -This program can measure visits, unique vistors, authenticated users, pages, +This program can measure visits, unique visitors, authenticated users, pages, domains/countries, OS busiest times, robot visits, type of files, search -engines/keywords used, visits duration, HTTP errors and more... +engines/keywords used, visit duration, HTTP errors and more... Statistics can be updated from a browser or your scheduler. The program also supports virtual servers, plugins and a lot of features. @@ -62,10 +60,9 @@ http://localhost/awstats/awstats.pl %prep %setup -q %patch0 -p 1 -%if 0%{?rhel} == 7 || 0%{?fedora} +%if 0%{?rhel} >= 7 || 0%{?fedora} %patch1 -p 1 %endif -%patch2 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -76,7 +73,8 @@ find tools/xslt -type f | xargs chmod -x perl -pi -e 's/\r//g' docs/COPYING.TXT docs/LICENSE.TXT docs/pad_awstats.xml docs/awstats_changelog.txt docs/styles.css tools/httpd_conf tools/logresolvemerge.pl tools/awstats_exportlib.pl tools/awstats_buildstaticpages.pl tools/maillogconvert.pl tools/urlaliasbuilder.pl wwwroot/cgi-bin/awredir.pl # Encoding recode ISO-8859-1..UTF-8 docs/awstats_changelog.txt - +# Stray version control file +rm -f tools/webmin/.gitignore %install rm -rf $RPM_BUILD_ROOT @@ -116,9 +114,9 @@ perl -pi -e ' ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf -# Fix scripts +# Fix AWStats path in scripts perl -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \ - $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl} + $RPM_BUILD_ROOT%{_datadir}/%{name}/tools/*.pl # Apache configuration install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf @@ -130,7 +128,7 @@ install -m 0750 -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/%{name} # https://bugzilla.redhat.com/show_bug.cgi?id=1196549 cd $RPM_BUILD_ROOT%{_datadir}/%{name}/wwwroot/icon for i in browser/adobe.png browser/seamonkey.png os/win*.png os/macos*.png cpu/intel.png cpu/ibm.png; do - cp -v os/unknown.png $i + cp -v os/unknown.png $i done cd - @@ -178,6 +176,9 @@ fi %changelog +* Fri Aug 07 2020 Tim Jackson - 7.8-1 +- Version 7.8 + * Mon Jul 27 2020 Fedora Release Engineering - 7.7-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index a8fba76..318d463 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (awstats-7.7.tar.gz) = 8bf32b0650ef0cc900a16eead866da3847d81c2696e7a90fb49833679c958768833d781e5b4becd9b4f6748c7266e2887ff7ff33d98293ce3a0296a810fbe899 +SHA512 (awstats-7.8.tar.gz) = b532f74a8b420841b1ae7eea73fd341049925af01688a06114f53807c14c6a4edc4ca4f671b2b9c1aee8024ba25ccf69b6eae391250e5722d2fd719de4cf87e2 From 0d5fc4d6007f9e870cf05e045f21d3ddc39fff2b Mon Sep 17 00:00:00 2001 From: Tim Jackson Date: Wed, 30 Dec 2020 22:56:37 +0100 Subject: [PATCH 107/129] Fix CVE-2020-35176 --- awstats-CVE-2020-35176.patch | 20 ++++++++++++++++++++ awstats.spec | 9 ++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 awstats-CVE-2020-35176.patch diff --git a/awstats-CVE-2020-35176.patch b/awstats-CVE-2020-35176.patch new file mode 100644 index 0000000..c954a95 --- /dev/null +++ b/awstats-CVE-2020-35176.patch @@ -0,0 +1,20 @@ +diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl +index e709b7f5..8341c0a5 100755 +--- a/wwwroot/cgi-bin/awstats.pl ++++ b/wwwroot/cgi-bin/awstats.pl +@@ -1711,13 +1711,13 @@ sub Read_Config { + # Check config file in common possible directories : + # Windows : "$DIR" (same dir than awstats.pl) + # Standard, Mandrake and Debian package : "/etc/awstats" +- # Other possible directories : "/usr/local/etc/awstats", "/etc" ++ # Other possible directories : "/usr/local/etc/awstats", + # FHS standard, Suse package : "/etc/opt/awstats" + my $configdir = shift; + my @PossibleConfigDir = ( + "$DIR", + "/etc/awstats", +- "/usr/local/etc/awstats", "/etc", ++ "/usr/local/etc/awstats", + "/etc/opt/awstats" + ); + diff --git a/awstats.spec b/awstats.spec index bb71164..cef08ed 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -13,6 +13,9 @@ Patch0: awstats-awredir.pl-sanitize-parameters.patch Patch1: awstats-7.0-httpd-2.4.patch %endif +# https://github.com/eldy/awstats/pull/196/commits/0d4d4c05f8e73be8f71dd361dc55cbd52858b823.diff +Patch2: awstats-CVE-2020-35176.patch + # distribution specific definitions %define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) @@ -62,6 +65,7 @@ http://localhost/awstats/awstats.pl %patch0 -p 1 %if 0%{?rhel} >= 7 || 0%{?fedora} %patch1 -p 1 +%patch2 -p 1 %endif # Fix style sheets. @@ -176,6 +180,9 @@ fi %changelog +* Wed Dec 30 2020 Tim Jackson - 7.8-2 +- Fix CVE-2020-35176 + * Fri Aug 07 2020 Tim Jackson - 7.8-1 - Version 7.8 From c489a83890d541120ae3a0d189249a73a290062e Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 26 Jan 2021 00:51:23 +0000 Subject: [PATCH 108/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index cef08ed..e25342a 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Tue Jan 26 2021 Fedora Release Engineering - 7.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Wed Dec 30 2020 Tim Jackson - 7.8-2 - Fix CVE-2020-35176 From b50ed5b8a7f7ea9994ad67dcaa71693e497e1708 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Fri, 21 May 2021 13:04:46 +0200 Subject: [PATCH 109/129] Perl 5.34 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index e25342a..f9119c3 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Fri May 21 2021 Jitka Plesnikova - 7.8-4 +- Perl 5.34 rebuild + * Tue Jan 26 2021 Fedora Release Engineering - 7.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From 58658004c44b93b2f514dcafd6370252161268f1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 21 Jul 2021 13:22:59 +0000 Subject: [PATCH 110/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering From e1e5347cce95667cd1bb3207479214588f74a4b1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 21 Jul 2021 18:19:14 +0000 Subject: [PATCH 111/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index f9119c3..abc50ce 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Wed Jul 21 2021 Fedora Release Engineering - 7.8-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Fri May 21 2021 Jitka Plesnikova - 7.8-4 - Perl 5.34 rebuild From efa8b85692b1dfdffa292b300e09413a0eee3ca6 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jan 2022 22:02:55 +0000 Subject: [PATCH 112/129] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index abc50ce..f6582f2 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Wed Jan 19 2022 Fedora Release Engineering - 7.8-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Wed Jul 21 2021 Fedora Release Engineering - 7.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild From 93ff49ea631261d1af7cb3e4679d47293a86954e Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Mon, 31 Jan 2022 09:04:32 -0800 Subject: [PATCH 113/129] epel8-playground decommissioned : https://pagure.io/epel/issue/136 --- .cvsignore | 0 Makefile | 21 --------------------- dead.package | 1 + sources | 0 4 files changed, 1 insertion(+), 21 deletions(-) delete mode 100644 .cvsignore delete mode 100644 Makefile create mode 100644 dead.package delete mode 100644 sources diff --git a/.cvsignore b/.cvsignore deleted file mode 100644 index e69de29..0000000 diff --git a/Makefile b/Makefile deleted file mode 100644 index 3a4d010..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: awstats -# $Id$ -NAME := awstats -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Rootx && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/dead.package b/dead.package new file mode 100644 index 0000000..a72aec0 --- /dev/null +++ b/dead.package @@ -0,0 +1 @@ +epel8-playground decommissioned : https://pagure.io/epel/issue/136 diff --git a/sources b/sources deleted file mode 100644 index e69de29..0000000 From c891dfd3fff8d5d976f922788d8c9f7db231d6b6 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Mon, 30 May 2022 19:45:44 +0200 Subject: [PATCH 114/129] Perl 5.36 rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index f6582f2..725eacd 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Mon May 30 2022 Jitka Plesnikova - 7.8-7 +- Perl 5.36 rebuild + * Wed Jan 19 2022 Fedora Release Engineering - 7.8-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild From 34f5c33ee6dfa970076eddb669f83ac242b90e43 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 20 Jul 2022 21:40:43 +0000 Subject: [PATCH 115/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 725eacd..33c3bd3 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -180,6 +180,9 @@ fi %changelog +* Wed Jul 20 2022 Fedora Release Engineering - 7.8-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Mon May 30 2022 Jitka Plesnikova - 7.8-7 - Perl 5.36 rebuild From d4c9b5f75af743d292303d8b6de3a780fc90f2c6 Mon Sep 17 00:00:00 2001 From: Tim Jackson Date: Mon, 9 Jan 2023 21:55:28 +0100 Subject: [PATCH 116/129] Fix CVE-2022-46391 (rhbz #2150632) Clean up spec file, removing conditionals for now-obsolete releases --- awstats-CVE-2022-46391.patch | 13 +++++++++++++ awstats.spec | 28 ++++++++++------------------ 2 files changed, 23 insertions(+), 18 deletions(-) create mode 100644 awstats-CVE-2022-46391.patch diff --git a/awstats-CVE-2022-46391.patch b/awstats-CVE-2022-46391.patch new file mode 100644 index 0000000..bed1e7b --- /dev/null +++ b/awstats-CVE-2022-46391.patch @@ -0,0 +1,13 @@ +diff --git a/wwwroot/cgi-bin/plugins/hostinfo.pm b/wwwroot/cgi-bin/plugins/hostinfo.pm +index 95b2c20b7..1f0ac6994 100644 +--- a/wwwroot/cgi-bin/plugins/hostinfo.pm ++++ b/wwwroot/cgi-bin/plugins/hostinfo.pm +@@ -181,7 +181,7 @@ sub BuildFullHTMLOutput_hostinfo { + + &tab_head("Full Whois Field",0,0,'whois'); + if ($w && $w->response()) { +- print "
".($w->response())."
\n"; ++ print "
".CleanXSS($w->response())."
\n"; + } + else { + print "
The Whois command failed.
Did the server running AWStats is allowed to send WhoIs queries (If a firewall is running, port 43 should be opened from inside to outside) ?

\n"; diff --git a/awstats.spec b/awstats.spec index 33c3bd3..f2b17e7 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -8,16 +8,15 @@ Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/ Source1: %{name}.cron Patch0: awstats-awredir.pl-sanitize-parameters.patch -%if 0%{?rhel} >= 7 || 0%{?fedora} # fix configuration for httpd 2.4 (#871366) Patch1: awstats-7.0-httpd-2.4.patch -%endif # https://github.com/eldy/awstats/pull/196/commits/0d4d4c05f8e73be8f71dd361dc55cbd52858b823.diff Patch2: awstats-CVE-2020-35176.patch -# distribution specific definitions -%define use_systemd (0%{?fedora} || 0%{?rhel} >= 7) +# https://bugzilla.redhat.com/show_bug.cgi?id=2150632 +# https://github.com/eldy/AWStats/commit/38682330e1ec3f3af95f9436640358b2d9e4a965.diff +Patch3: awstats-CVE-2022-46391.patch BuildArch: noarch BuildRequires: coreutils @@ -30,13 +29,9 @@ Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP Requires: crontabs Requires(post): perl-interpreter -%if %use_systemd # For systemd.macros BuildRequires: systemd Requires(postun): systemd -%else -Requires(postun): /sbin/service -%endif ## SELinux policy is now included upstream Obsoletes: awstats-selinux < 6.8-1 @@ -56,17 +51,16 @@ engines/keywords used, visit duration, HTTP errors and more... Statistics can be updated from a browser or your scheduler. The program also supports virtual servers, plugins and a lot of features. -With the default configuration, the statistics are available: +With the default configuration, the statistics are available at: http://localhost/awstats/awstats.pl %prep %setup -q %patch0 -p 1 -%if 0%{?rhel} >= 7 || 0%{?fedora} %patch1 -p 1 %patch2 -p 1 -%endif +%patch3 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -148,13 +142,7 @@ if [ $1 -eq 1 ]; then fi %postun -%if %use_systemd %systemd_postun_with_restart httpd.service -%else -if [ $1 -ne 0 ]; then - /sbin/service httpd condrestart >/dev/null 2>&1 -fi -%endif %files @@ -180,6 +168,10 @@ fi %changelog +* Mon Jan 09 2023 Tim Jackson - 7.8-9 +- Fix CVE-2022-46391 (rhbz #2150632) +- Clean up spec file, removing conditionals for now-obsolete releases + * Wed Jul 20 2022 Fedora Release Engineering - 7.8-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild From aee7c4ef2398e5ac26d5f8dec77719778ed58d65 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Fri, 13 Jan 2023 09:26:23 +0100 Subject: [PATCH 117/129] Remove perl(MODULE_COMPAT), it will be replaced by generators --- awstats.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index f2b17e7..b71c414 100644 --- a/awstats.spec +++ b/awstats.spec @@ -24,7 +24,6 @@ BuildRequires: findutils BuildRequires: perl-interpreter BuildRequires: perl-generators BuildRequires: recode -Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl-Net-IP, perl-Net-DNS, perl-Geo-IP Requires: crontabs Requires(post): perl-interpreter From 9439ecc5c99908df10bd9fc4cbb06399e663330f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 18 Jan 2023 22:34:41 +0000 Subject: [PATCH 118/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index b71c414..522c2ac 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.8 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: http://awstats.sourceforge.net @@ -167,6 +167,9 @@ fi %changelog +* Wed Jan 18 2023 Fedora Release Engineering - 7.8-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Mon Jan 09 2023 Tim Jackson - 7.8-9 - Fix CVE-2022-46391 (rhbz #2150632) - Clean up spec file, removing conditionals for now-obsolete releases From 0aaaa886fb70b76930fd2b1e2a72871804679b1f Mon Sep 17 00:00:00 2001 From: Tim Jackson Date: Wed, 18 Jan 2023 23:56:18 +0100 Subject: [PATCH 119/129] Update to AWStats 7.9 --- .gitignore | 1 + ...d-2.4.patch => awstats-7.9-httpd-2.4.patch | 14 +++--------- awstats-CVE-2020-35176.patch | 20 ----------------- awstats-CVE-2022-46391.patch | 13 ----------- awstats.spec | 22 +++++++------------ sources | 2 +- 6 files changed, 13 insertions(+), 59 deletions(-) rename awstats-7.0-httpd-2.4.patch => awstats-7.9-httpd-2.4.patch (74%) delete mode 100644 awstats-CVE-2020-35176.patch delete mode 100644 awstats-CVE-2022-46391.patch diff --git a/.gitignore b/.gitignore index f81cfd7..81997fe 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ awstats-7.0.tar.gz /awstats-7.6.tar.gz /awstats-7.7.tar.gz /awstats-7.8.tar.gz +/awstats-7.9.tar.gz diff --git a/awstats-7.0-httpd-2.4.patch b/awstats-7.9-httpd-2.4.patch similarity index 74% rename from awstats-7.0-httpd-2.4.patch rename to awstats-7.9-httpd-2.4.patch index 2fe23b6..a441127 100644 --- a/awstats-7.0-httpd-2.4.patch +++ b/awstats-7.9-httpd-2.4.patch @@ -1,7 +1,6 @@ -diff -up awstats-7.0/tools/httpd_conf.http-2.4 awstats-7.0/tools/httpd_conf ---- awstats-7.0/tools/httpd_conf.http-2.4 2012-11-16 16:11:07.612386681 +0100 -+++ awstats-7.0/tools/httpd_conf 2012-11-16 16:44:24.921755562 +0100 -@@ -10,20 +10,33 @@ +--- awstats-7.9/tools/httpd_conf.orig 2014-09-23 09:16:09.000000000 +0200 ++++ awstats-7.9/tools/httpd_conf 2023-01-18 23:30:18.097762242 +0100 +@@ -10,20 +10,26 @@ # # Directives to add to your Apache conf file to allow use of AWStats as a CGI. @@ -28,14 +27,7 @@ diff -up awstats-7.0/tools/httpd_conf.http-2.4 awstats-7.0/tools/httpd_conf - Order allow,deny - Allow from all + -+ # Apache 2.4 + Require local -+ -+ -+ # Apache 2.2 -+ Order allow,deny -+ Allow from 127.0.0.1 -+ Allow from ::1 + +# Additional Perl modules diff --git a/awstats-CVE-2020-35176.patch b/awstats-CVE-2020-35176.patch deleted file mode 100644 index c954a95..0000000 --- a/awstats-CVE-2020-35176.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl -index e709b7f5..8341c0a5 100755 ---- a/wwwroot/cgi-bin/awstats.pl -+++ b/wwwroot/cgi-bin/awstats.pl -@@ -1711,13 +1711,13 @@ sub Read_Config { - # Check config file in common possible directories : - # Windows : "$DIR" (same dir than awstats.pl) - # Standard, Mandrake and Debian package : "/etc/awstats" -- # Other possible directories : "/usr/local/etc/awstats", "/etc" -+ # Other possible directories : "/usr/local/etc/awstats", - # FHS standard, Suse package : "/etc/opt/awstats" - my $configdir = shift; - my @PossibleConfigDir = ( - "$DIR", - "/etc/awstats", -- "/usr/local/etc/awstats", "/etc", -+ "/usr/local/etc/awstats", - "/etc/opt/awstats" - ); - diff --git a/awstats-CVE-2022-46391.patch b/awstats-CVE-2022-46391.patch deleted file mode 100644 index bed1e7b..0000000 --- a/awstats-CVE-2022-46391.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/wwwroot/cgi-bin/plugins/hostinfo.pm b/wwwroot/cgi-bin/plugins/hostinfo.pm -index 95b2c20b7..1f0ac6994 100644 ---- a/wwwroot/cgi-bin/plugins/hostinfo.pm -+++ b/wwwroot/cgi-bin/plugins/hostinfo.pm -@@ -181,7 +181,7 @@ sub BuildFullHTMLOutput_hostinfo { - - &tab_head("Full Whois Field",0,0,'whois'); - if ($w && $w->response()) { -- print "
".($w->response())."
\n"; -+ print "
".CleanXSS($w->response())."
\n"; - } - else { - print "
The Whois command failed.
Did the server running AWStats is allowed to send WhoIs queries (If a firewall is running, port 43 should be opened from inside to outside) ?

\n"; diff --git a/awstats.spec b/awstats.spec index 522c2ac..74fdbb2 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,22 +1,15 @@ Name: awstats -Version: 7.8 -Release: 10%{?dist} +Version: 7.9 +Release: 1%{?dist} Summary: Advanced Web Statistics License: GPLv3+ -URL: http://awstats.sourceforge.net -Source0: http://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz +URL: https://www.awstats.org/ +Source0: https://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Source1: %{name}.cron Patch0: awstats-awredir.pl-sanitize-parameters.patch # fix configuration for httpd 2.4 (#871366) -Patch1: awstats-7.0-httpd-2.4.patch - -# https://github.com/eldy/awstats/pull/196/commits/0d4d4c05f8e73be8f71dd361dc55cbd52858b823.diff -Patch2: awstats-CVE-2020-35176.patch - -# https://bugzilla.redhat.com/show_bug.cgi?id=2150632 -# https://github.com/eldy/AWStats/commit/38682330e1ec3f3af95f9436640358b2d9e4a965.diff -Patch3: awstats-CVE-2022-46391.patch +Patch1: awstats-7.9-httpd-2.4.patch BuildArch: noarch BuildRequires: coreutils @@ -58,8 +51,6 @@ http://localhost/awstats/awstats.pl %setup -q %patch0 -p 1 %patch1 -p 1 -%patch2 -p 1 -%patch3 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* @@ -167,6 +158,9 @@ fi %changelog +* Wed Jan 18 2023 Tim Jackson - 7.9-1 +- Version 7.9 + * Wed Jan 18 2023 Fedora Release Engineering - 7.8-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild diff --git a/sources b/sources index 318d463..3a8025b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (awstats-7.8.tar.gz) = b532f74a8b420841b1ae7eea73fd341049925af01688a06114f53807c14c6a4edc4ca4f671b2b9c1aee8024ba25ccf69b6eae391250e5722d2fd719de4cf87e2 +SHA512 (awstats-7.9.tar.gz) = 1270c7486a5558a54abc7b43cd92ffcea356ff4c00271bb824758ef4f5736eff559dd38eb7bc7bff8d45efa970a60ddcc5771762a3c3a32f003b0e39c55814d9 From 9cdc31d8f8678835901387fab905bfab614e8bba Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jul 2023 14:16:22 +0000 Subject: [PATCH 120/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 74fdbb2..503000f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: https://www.awstats.org/ @@ -158,6 +158,9 @@ fi %changelog +* Wed Jul 19 2023 Fedora Release Engineering - 7.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Wed Jan 18 2023 Tim Jackson - 7.9-1 - Version 7.9 From a869d814c40b4bcb139fe83e2a3d88978764c860 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 14:03:00 +0000 Subject: [PATCH 121/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 503000f..0328871 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: https://www.awstats.org/ @@ -158,6 +158,9 @@ fi %changelog +* Fri Jan 19 2024 Fedora Release Engineering - 7.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Wed Jul 19 2023 Fedora Release Engineering - 7.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild From c11176a78e8e7610a7b84c9e278b52e516fb6787 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 23 Jan 2024 00:00:48 +0000 Subject: [PATCH 122/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 0328871..2346cb9 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: https://www.awstats.org/ @@ -158,6 +158,9 @@ fi %changelog +* Tue Jan 23 2024 Fedora Release Engineering - 7.9-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Fri Jan 19 2024 Fedora Release Engineering - 7.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From f7da9ef99e250b8642f3ea39571a61c74ee11beb Mon Sep 17 00:00:00 2001 From: Software Management Team Date: Thu, 30 May 2024 12:46:46 +0200 Subject: [PATCH 123/129] Eliminate use of obsolete %patchN syntax (#2283636) --- awstats.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 2346cb9..c5eea9b 100644 --- a/awstats.spec +++ b/awstats.spec @@ -49,8 +49,8 @@ http://localhost/awstats/awstats.pl %prep %setup -q -%patch0 -p 1 -%patch1 -p 1 +%patch -P0 -p 1 +%patch -P1 -p 1 # Fix style sheets. perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/* From 8ab5fcb95982eaf6300762c04bbbfcabc6fadd55 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 17:58:07 +0000 Subject: [PATCH 124/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index c5eea9b..828d511 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Advanced Web Statistics License: GPLv3+ URL: https://www.awstats.org/ @@ -158,6 +158,9 @@ fi %changelog +* Wed Jul 17 2024 Fedora Release Engineering - 7.9-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Tue Jan 23 2024 Fedora Release Engineering - 7.9-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 51624c431d25a278091bc79f65eb5c21b75b8dd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Such=C3=BD?= Date: Thu, 25 Jul 2024 11:25:35 +0200 Subject: [PATCH 125/129] convert GPLv3+ license to SPDX This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4 --- awstats.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/awstats.spec b/awstats.spec index 828d511..0788d64 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,8 +1,9 @@ Name: awstats Version: 7.9 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Advanced Web Statistics -License: GPLv3+ +# Automatically converted from old format: GPLv3+ - review is highly recommended. +License: GPL-3.0-or-later URL: https://www.awstats.org/ Source0: https://downloads.sourceforge.net/project/awstats/AWStats/%{version}/awstats-%{version}.tar.gz Source1: %{name}.cron @@ -158,6 +159,9 @@ fi %changelog +* Thu Jul 25 2024 Miroslav Suchý - 7.9-6 +- convert license to SPDX + * Wed Jul 17 2024 Fedora Release Engineering - 7.9-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From 52cc8b8398f3a83fc3d77971ab499ff92a835b70 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 12:08:55 +0000 Subject: [PATCH 126/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 0788d64..a7a424c 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Advanced Web Statistics # Automatically converted from old format: GPLv3+ - review is highly recommended. License: GPL-3.0-or-later @@ -159,6 +159,9 @@ fi %changelog +* Thu Jan 16 2025 Fedora Release Engineering - 7.9-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Thu Jul 25 2024 Miroslav Suchý - 7.9-6 - convert license to SPDX From e962c4f530e0b3d3c74f00896d433b512240abb4 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 17:31:22 +0000 Subject: [PATCH 127/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index a7a424c..cf5987f 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 7.9 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Advanced Web Statistics # Automatically converted from old format: GPLv3+ - review is highly recommended. License: GPL-3.0-or-later @@ -159,6 +159,9 @@ fi %changelog +* Wed Jul 23 2025 Fedora Release Engineering - 7.9-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Thu Jan 16 2025 Fedora Release Engineering - 7.9-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From 24291e1a5b927800be6734cd775e8c1d9f88565a Mon Sep 17 00:00:00 2001 From: Tim Jackson Date: Tue, 6 Jan 2026 22:57:59 +0100 Subject: [PATCH 128/129] update to 8.0 --- .gitignore | 1 + awstats.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 81997fe..bd70761 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ awstats-7.0.tar.gz /awstats-7.7.tar.gz /awstats-7.8.tar.gz /awstats-7.9.tar.gz +/awstats-8.0.tar.gz diff --git a/awstats.spec b/awstats.spec index cf5987f..6d91c63 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats -Version: 7.9 -Release: 8%{?dist} +Version: 8.0 +Release: 1%{?dist} Summary: Advanced Web Statistics # Automatically converted from old format: GPLv3+ - review is highly recommended. License: GPL-3.0-or-later @@ -159,6 +159,9 @@ fi %changelog +* Sat Nov 22 2025 Tim Jackson - 8.0-1 +* Update to 8.0 + * Wed Jul 23 2025 Fedora Release Engineering - 7.9-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild diff --git a/sources b/sources index 3a8025b..4008499 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (awstats-7.9.tar.gz) = 1270c7486a5558a54abc7b43cd92ffcea356ff4c00271bb824758ef4f5736eff559dd38eb7bc7bff8d45efa970a60ddcc5771762a3c3a32f003b0e39c55814d9 +SHA512 (awstats-8.0.tar.gz) = b14f820e2ea6895baa0034828bba422d2f0dadd70387f682c1e9f25a72d8817ecf91127e254d6c6e7e7c866e02860a05112b0ac4452da7e71b2d9a6f57f21d03 From 0e84a8ea105dfa54bee30cef30ae2e2949d46dbd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 16 Jan 2026 04:13:28 +0000 Subject: [PATCH 129/129] Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild --- awstats.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/awstats.spec b/awstats.spec index 6d91c63..6389fe6 100644 --- a/awstats.spec +++ b/awstats.spec @@ -1,6 +1,6 @@ Name: awstats Version: 8.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Advanced Web Statistics # Automatically converted from old format: GPLv3+ - review is highly recommended. License: GPL-3.0-or-later @@ -159,6 +159,9 @@ fi %changelog +* Fri Jan 16 2026 Fedora Release Engineering - 8.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild + * Sat Nov 22 2025 Tim Jackson - 8.0-1 * Update to 8.0