Bug#719098: Please remove me from Uploaders
Thank you for the many years you cared for the package, Martin! Am 08.08.2013 um 15:06 schrieb martin f krafft : > Package: ipcalc > Severity: wishlist > > Due to time constraints, I would like to retire as co-maintainer. > Please remove me from the list of uploaders. > > Thanks, > > -- > .''`. martin f. krafft Related projects: > : :' : proud Debian developer http://debiansystem.info > `. `'` http://people.debian.org/~madduckhttp://vcs-pkg.org > `- Debian - when you have better things to do than fixing systems -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#436199: ipcalc: CGI script refers to non-existant file
Dear Bartosz, I have a new release (version 0.42) ready, which fixes the other known bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332468 Are you also interested in fixing this new issue in the debian package? I would include the missing background image in the upstream tar ball, but I think we would need to patch the cgi script for the package, to make it refer to the directory where the artwork will be located. At the moment it is in the doc directory and unreachable for the web server. Right? Greetings, Krischan On Mon, Aug 06, 2007 at 08:37:10AM +0100, Adrian Bridgett wrote: > Package: ipcalc > Version: 0.41-1 > Severity: minor > > I saw these errors in my apache log: > > Fri Aug 03 07:40:49 2007] [error] [client 10.2.0.171] script not found > or unable to stat: /usr/lib/cgi-bin/bg.gif, referer: > https://example.org/cgi-bin/ipcalc > > this appears to be because the ipcalc CGI script refers to "bg.gif" as > a background image (and that file cannot be found). > > Thanks, > > Adrian > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#381469: (kein Betreff)
Date: Thu, 27 Jul 2006 14:56:58 +0200
From: Krischan Jodies <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Cross Site Scripting vulnerability in ipcalc
Dear Bartosz,
ipcalc made it to bugtraq this week, because someone discovered a xss
vulnerability in the cgi script. We have this script in debian stable:
oscar:~# dpkg -L ipcalc
/.
/usr
/usr/bin
/usr/bin/ipcalc
/usr/share
/usr/share/doc
/usr/share/doc/ipcalc
/usr/share/doc/ipcalc/README
/usr/share/doc/ipcalc/README.Debian
/usr/share/doc/ipcalc/copyright
/usr/share/doc/ipcalc/changelog.Debian.gz
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/ipcalc.1.gz
/usr/share/man/man1/ipcalc_cgi.1.gz
/usr/lib
/usr/lib/cgi-bin
/usr/lib/cgi-bin/ipcalc
The fix is trivial, and I would suggest to apply it to the stable version:
oscar:/home/kjodies# diff -u ipcalc ipcalc.new
--- ipcalc 2006-07-27 14:52:31.453712512 +0200
+++ ipcalc.new 2006-07-27 14:53:16.011938632 +0200
@@ -11,7 +11,7 @@
$|=1;
$ipcalc = "/usr/bin/ipcalc";
-$actionurl = $ENV{'REQUEST_URI'};
+$actionurl = $ENV{'SCRIPT_URL'};
use CGI;
$query = new CGI;
$host = $query->param('host');
For unstable I published a new release:
http://jodies.de/ipcalc-archive/ipcalc-0.41.tar.gz
It contains no changes except the above patch.
Greetings,
Krischan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
