Fix #212 CVE-2006-2237
authorLaurent Destailleur <eldy@destailleur.fr>
Sun, 21 Sep 2014 23:00:51 +0000 (01:00 +0200)
committerLaurent Destailleur <eldy@destailleur.fr>
Sun, 21 Sep 2014 23:00:51 +0000 (01:00 +0200)
docs/awstats_changelog.txt
wwwroot/cgi-bin/awstats.pl

index f32ec133ee34d032fae9135f055d65e342214543..5fc75f915450a09e474d937bb69848e5589c8524 100644 (file)
@@ -18,6 +18,7 @@ Fixes:
 - #921 Failure in the help text for geoip_generator.pl
 - #909 awstats_buildstaticpages.pl noisy debug output.
 - #680 Invalid data passed to Time::Local causes global destruction.
+- #212 Fix CVE-2006-2237
 
 
 ***** 7.3 *****
index eb14ae3bcd6d9892bbe749691070dc1879c62d31..8e40988c22262dd8339bc4ff39957e26853ca0bb 100755 (executable)
@@ -1322,7 +1322,7 @@ sub debug {
        if ( $level <= $DEBUGFORCED ) {
                my $debugstring = $_[0];
                if ( !$DebugResetDone ) {
-                       open( DEBUGFORCEDFILE, "debug.log" );
+                       open( DEBUGFORCEDFILE, "<debug.log" );
                        close DEBUGFORCEDFILE;
                        chmod 0666, "debug.log";
                        $DebugResetDone = 1;
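Review bot: The `chmod 0666, "debug.log";` two lines after the changed open leaves the forced-debug log writable by every local account, and this commit keeps it. The open is read-only and its result is not checked, so it neither creates nor truncates the file, and the chmod runs whether or not the open succeeded. If only the web server user needs to write the log, a tighter mode such as `chmod 0640, "debug.log";` would do, and the open/close pair could be dropped or its result checked. The body of debug() continues outside this hunk, so how the file is written afterwards is not visible here.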
@@ -1745,7 +1745,7 @@ sub Read_Config {
                my $searchdir = $_;
                if ( $searchdir && $searchdir !~ /[\\\/]$/ ) { $searchdir .= "/"; }
                
-               if ( -f $searchdir.$PROG.".".$SiteConfig.".conf" &&  open( CONFIG, "$searchdir$PROG.$SiteConfig.conf" ) ) {
+               if ( -f $searchdir.$PROG.".".$SiteConfig.".conf" &&  open( CONFIG, "<$searchdir$PROG.$SiteConfig.conf" ) ) {
                        $FileConfig = "$searchdir$PROG.$SiteConfig.conf";
                        $FileSuffix = ".$SiteConfig";
                        if ($Debug){debug("Opened config: $searchdir$PROG.$SiteConfig.conf", 2);}
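Review bot: The two-argument `open( CONFIG, "<$searchdir$PROG.$SiteConfig.conf" )` still makes Perl parse the mode out of the same string as the path; the three-argument form keeps them apart: `open( CONFIG, '<', "$searchdir$PROG.$SiteConfig.conf" )`. With only the `<` prefix, whitespace around the name is still trimmed and a name beginning with `&` is read as a handle duplication rather than a file. That matters most for `open( CONFIG_INCLUDE, "<$includeFile" )` in the Parse_Config hunk, where nothing precedes the variable; `open( CONFIG_INCLUDE, '<', $includeFile )` avoids both. Whether $SiteConfig and $includeFile are validated before these calls is not visible in the hunks, and both functions start and end outside them.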
@@ -1890,7 +1890,7 @@ sub Parse_Config {
                                next;
                        }
             local( *CONFIG_INCLUDE );   # To avoid having parent file closed when include file is closed
-                       if ( open( CONFIG_INCLUDE, $includeFile ) ) {
+                       if ( open( CONFIG_INCLUDE, "<$includeFile" ) ) {
                                &Parse_Config( *CONFIG_INCLUDE, $level + 1, $includeFile );
                                close(CONFIG_INCLUDE);
                        }