CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2019/04/18 11:20:51
Modified files:
net/librenms : Makefile distinfo
net/librenms/patches: patch-includes_common_php
net/librenms/pkg: PLIST
Added files:
net/librenms/patches: patch-includes_html_output_capture_inc_php
patch-includes_html_pages_about_inc_php
Removed files:
net/librenms/patches: patch-html_includes_output_capture_inc_php
patch-html_pages_about_inc_php
Log message:
update to librenms-1.50.1
- Affects users of webservers not using .htaccess:
Moved php files outside of public html directory (Apache was protected
by .htaccess)
Some files could be accessed directly, leaking some information, like
the version in about.inc.php but not statistics because it doesn't have
DB access.
- Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input
Fix unescaped variables in ajax_search.php
