awstats (6.5-1ubuntu1.4) dapper-security; urgency=low
* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
- debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
name in wwwroot/cgi-bin/awstats.pl.
- CVE-2010-4369
Date: Tue, 11 Jan 2011 17:42:12 -0600
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Debian AWStats Team <[email protected]>
https://launchpad.net/ubuntu/dapper/+source/awstats/6.5-1ubuntu1.4
Format: 1.7
Date: Tue, 11 Jan 2011 17:42:12 -0600
Source: awstats
Binary: awstats
Architecture: source
Version: 6.5-1ubuntu1.4
Distribution: dapper-security
Urgency: low
Maintainer: Debian AWStats Team <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
awstats - powerful and featureful web server log analyzer
Changes:
awstats (6.5-1ubuntu1.4) dapper-security; urgency=low
.
* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
- debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
name in wwwroot/cgi-bin/awstats.pl.
- CVE-2010-4369
Files:
403908718ed4d34bb4c728223e810a12 1426 web optional awstats_6.5-1ubuntu1.4.dsc
a821b60de3f940338b9e43e5ff5d29f1 20512 web optional
awstats_6.5-1ubuntu1.4.diff.gz
--
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes
