[ubuntu/hardy-security] awstats, awstats (delayed) 6.7.dfsg-1ubuntu0.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Jan 24 14:04:05 UTC 2011


awstats (6.7.dfsg-1ubuntu0.2) hardy-security; urgency=low

  * SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
    - debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
      name in wwwroot/cgi-bin/awstats.pl.
    - CVE-2010-4369

Date: Tue, 11 Jan 2011 17:39:15 -0600
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/awstats/6.7.dfsg-1ubuntu0.2
-------------- next part --------------
Format: 1.7
Date: Tue, 11 Jan 2011 17:39:15 -0600
Source: awstats
Binary: awstats
Architecture: source
Version: 6.7.dfsg-1ubuntu0.2
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 awstats    - powerful and featureful web server log analyzer
Changes: 
 awstats (6.7.dfsg-1ubuntu0.2) hardy-security; urgency=low
 .
   * SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
     - debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
       name in wwwroot/cgi-bin/awstats.pl.
     - CVE-2010-4369
Files: 
 492ba4f3e2f2ffe51aa9a97fca7783c6 1620 web optional awstats_6.7.dfsg-1ubuntu0.2.dsc
 4776192ee160583ce30b21f5fbe66003 23771 web optional awstats_6.7.dfsg-1ubuntu0.2.diff.gz
Original-Maintainer: Debian AWStats Team <pkg-awstats-devel at lists.alioth.debian.org>


More information about the Hardy-changes mailing list