[ubuntu/natty-security] logrotate 3.7.8-6ubuntu3.1 (Accepted)

Thu, 21 Jul 2011 09:03:43 -0700 

logrotate (3.7.8-6ubuntu3.1) natty-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
    log filename
    - debian/patches/CVE-2011-1154.patch: improve shred logic in
      logrotate.c.
    - CVE-2011-1154
  * SECURITY UPDATE: denial of service via invalid characters in log
    filename
    - debian/patches/CVE-2011-1155.patch: properly escape filenames in
      logrotate.c.
    - CVE-2011-1155

Date: Fri, 17 Jun 2011 13:44:50 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/natty/+source/logrotate/3.7.8-6ubuntu3.1

Format: 1.8
Date: Fri, 17 Jun 2011 13:44:50 -0400
Source: logrotate
Binary: logrotate
Architecture: source
Version: 3.7.8-6ubuntu3.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description: 
 logrotate  - Log rotation utility
Changes: 
 logrotate (3.7.8-6ubuntu3.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
     log filename
     - debian/patches/CVE-2011-1154.patch: improve shred logic in
       logrotate.c.
     - CVE-2011-1154
   * SECURITY UPDATE: denial of service via invalid characters in log
     filename
     - debian/patches/CVE-2011-1155.patch: properly escape filenames in
       logrotate.c.
     - CVE-2011-1155
Checksums-Sha1: 
 29e07bca3ca4f837b5643c19fd32695594a504e6 1814 logrotate_3.7.8-6ubuntu3.1.dsc
 b9cd0d2c094e892112f5b584778e4330617e0c43 24632 
logrotate_3.7.8-6ubuntu3.1.debian.tar.gz
Checksums-Sha256: 
 84b3e6a7fc274273699a1589c784b1f9b92f7740418fe6465909beecbb83f069 1814 
logrotate_3.7.8-6ubuntu3.1.dsc
 e3e0b90a51295ecb161236a63a4b5a070e1fb89e06aa6e1735c584403c4f35cd 24632 
logrotate_3.7.8-6ubuntu3.1.debian.tar.gz
Files: 
 feea9c1dc21549c748d4035c675c9698 1814 admin important 
logrotate_3.7.8-6ubuntu3.1.dsc
 316420e7ba63fa496a4a174db982eb43 24632 admin important 
logrotate_3.7.8-6ubuntu3.1.debian.tar.gz
Original-Maintainer: Paul Martin <[email protected]>

-- 
Natty-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/natty-changes

Reply via email to