awstats (6.9~dfsg-1ubuntu3.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
- debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
name in wwwroot/cgi-bin/awstats.pl.
- CVE-2010-4369
Date: Tue, 11 Jan 2011 17:05:56 -0600
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Core Develoers <ubuntu-de...@lists.ubunutu.com>
https://launchpad.net/ubuntu/lucid/+source/awstats/6.9~dfsg-1ubuntu3.10.04.1
Format: 1.8
Date: Tue, 11 Jan 2011 17:05:56 -0600
Source: awstats
Binary: awstats
Architecture: source
Version: 6.9~dfsg-1ubuntu3.10.04.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Develoers <ubuntu-de...@lists.ubunutu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description:
awstats - powerful and featureful web server log analyzer
Changes:
awstats (6.9~dfsg-1ubuntu3.10.04.1) lucid-security; urgency=low
.
* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
- debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
name in wwwroot/cgi-bin/awstats.pl.
- CVE-2010-4369
Checksums-Sha1:
fa3b53c078517f0fb550a20e45cbb8eaa76405f8 2202
awstats_6.9~dfsg-1ubuntu3.10.04.1.dsc
7afdd754b08ffc24f2d9a88fb320fc80afc59d39 45789
awstats_6.9~dfsg-1ubuntu3.10.04.1.diff.gz
Checksums-Sha256:
a496105d51efe8048ad7c81bd408523ea3fd365d2f6fccd37a9e87d5ec516674 2202
awstats_6.9~dfsg-1ubuntu3.10.04.1.dsc
8864fcb4d1c514eee4997c0ec38c2943321b5fb1b5830393c8556a19a39a2e6f 45789
awstats_6.9~dfsg-1ubuntu3.10.04.1.diff.gz
Files:
2536cf6fe0fbec527f16cf6e5e3ada47 2202 web optional
awstats_6.9~dfsg-1ubuntu3.10.04.1.dsc
f21c60b02413fc47263702e37bbd317c 45789 web optional
awstats_6.9~dfsg-1ubuntu3.10.04.1.diff.gz
Original-Maintainer: Debian AWStats Team
<pkg-awstats-de...@lists.alioth.debian.org>
--
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes
