On Thu, Jan 26, 2006 at 10:26:35PM +0100, Sven Koch wrote: > Apachetop 0.12.6 is available at > http://www.webta.org/projects/apachetop/wiki/Download > > >From its changelog: > v0.12.6 (27th October, 2005) > * fixed security issue which described at CVE-2005-2660 > > http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2660
Thanks for the report. We already fixed that bug in the code in Apachetop 0.12.5-3, quoting the changelog: -- apachetop (0.12.5-3) unstable; urgency=high * Fix insecure temporary file usage. [CAN-2005-2660] * Support "gamin" in addition to "fam". (Closes: #329367) * Attempt to open both /var/log/apache2/access.log and /var/log/apache/access.log when given no filename as input. (Closes: #319272) -- Steve Kemp <[EMAIL PROTECTED]> Fri, 30 Sep 2005 13:59:09 +0000 -- I'll definitely make a new upload with the upstream release, but the security issue is already fixed. (We even released a DSA for it: http://www.debian.org/security/2005/dsa-839 ) Steve -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]