tags 435028 + confirmed
forwarded 435028
https://sourceforge.net/tracker/?func=detail&aid=2769526&group_id=13764&atid=113764
thanks

For version 6.7 (from current Lenny, but the last upstream version 6.9 too),
the workaround is quite the same: comment out line 5589 so that the XSS
pattern is not parsed when invoked from the CLI:

$QueryString = CleanXSS($QueryString);

It is possible, as another workaround, to use "gzip -cd <logfile>"
instead of "gzip -d < <logfile>" so that it is not cleaned by the CleanXSS
function:

# /usr/lib/cgi-bin/awstats.pl -LogFile="gzip -cd /var/log/apache2/www.xxxxx-access.log.2.gz|" -config=xxxxx
Create/Update database for config "/etc/awstats/awstats.xxxxx.conf" by AWStats version 6.7 (build 1.892)
From data in log file "gzip -cd /var/log/apache2/www.xxxxx-access.log.2.gz|"...
Phase 1 : First bypass old records, searching new record...
Searching new records from beginning of log file...
Phase 2 : Now process new records (Flush history on disk after 20000 hosts)...
Jumped lines in file: 0
Parsed lines in file: 1611
Found 83 dropped records,
Found 0 corrupted records,
Found 0 old records,
Found 1528 new qualified records.

I think it's a good idea (and I have done it under id 2769526) to suggest
that upstream change its default config file to use a non-XSS-filtered
syntax, or adapt its code to not parse for XSS patterns when invoked
from the CLI.

-- 

Guillaume Delacour

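The behaviour discussed in the message above, as an added example that is not part of the original message and not AWStats code: a stand-in sanitizer shows why the "gzip -d < <logfile>" form is altered while "gzip -cd <logfile>" passes through, and how gating on the execution context keeps the filter for web requests only. The function names, the sanitizer body (escaping angle brackets) and the GATEWAY_INTERFACE check are assumptions made for illustration; the paths are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# ASSUMPTION: stand-in for the sanitizer, not the AWStats CleanXSS source.
# Escaping angle brackets is enough to reproduce the symptom in the report.
sub clean_xss_standin {
    my ($s) = @_;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    return $s;
}

# Hypothetical gate: sanitize only when running under a web server.
# CGI servers set GATEWAY_INTERFACE (e.g. "CGI/1.1"); a shell does not.
sub sanitize_for_context {
    my ($value, $env) = @_;
    my $gw = $env->{GATEWAY_INTERFACE};
    if (defined($gw) && length($gw)) {
        return clean_xss_standin($value);   # web request: keep the filter
    }
    return $value;                          # CLI: operator-supplied value
}

# Constructed sample values modelled on the two LogFile forms in the message.
my @logfile_values = (
    'gzip -d < /var/log/apache2/www.example-access.log.2.gz|',
    'gzip -cd /var/log/apache2/www.example-access.log.2.gz|',
);

for my $v (@logfile_values) {
    my %result = (
        'always filtered' => clean_xss_standin($v),
        'gated, CLI'      => sanitize_for_context($v, {}),
        'gated, CGI'      => sanitize_for_context($v, { GATEWAY_INTERFACE => 'CGI/1.1' }),
    );
    print "input: $v\n";
    for my $mode (sort keys %result) {
        my $state = $result{$mode} eq $v ? 'unchanged' : 'ALTERED';
        printf "  %-16s %s (%s)\n", $mode, $result{$mode}, $state;
    }
}
```

Passing the environment as a hash reference lets both contexts be exercised from one shell run; a real caller would pass \%ENV.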