Hi,
Since awstats is currently unmaintained, can you request a new CVE for
this at https://cveform.mitre.org/ ?
This way it'll be properly monitored and taken care of in distros.
Cheers!
Sylvain
On Sun, 25 Feb 2018 21:33:34 +0100 =?utf-8?b?VG9tYcW+IMWgb2xj?=
wrote:
Package: awstats
Package: awstats
Version: 7.6+dfsg-2
Severity: normal
Dear Maintainer,
the patch for CVE-2017-1000501 seems to have been incomplete. Please see this
report upstream:
https://github.com/eldy/awstats/issues/90
awstats will parse arbitrary files passed in the "config" parameter if the
default
2 matches
Mail list logo
