I've tested this with stable/testing/unstable and can't get this
vulnerability to work, it simply returns the stats for the default
config.
Not sure about old-security though.
Neil
--
__
.ยด `. [EMAIL PROTECTED] | Application Manager
: :' ! | Secure-Testing Team member
Package: awstats
Severity: normal
Version: 6.4-1.1
Tags: security
awstats displays an error message that discloses a path. Apparently some
people think this is enough of a security issue to issue it a CAN
number, which is how it came to my attention. Whether we consider this a
bug for Debian is
2 matches
Mail list logo