[ubuntu/hardy-security] logrotate 3.7.1-3ubuntu0.8.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 21 16:03:51 UTC 2011


logrotate (3.7.1-3ubuntu0.8.04.1) hardy-security; urgency=low

  * SECURITY UPDATE: race condition and symlink attacks
    - debian/patches/CVE-2011-1098-1548.patch: prevent races and symlink
      attacks in logrotate.c.
    - CVE-2011-1098
    - CVE-2011-1548
  * SECURITY UPDATE: denial of service via invalid characters in log
    filename
    - debian/patches/CVE-2011-1155.patch: properly escape filenames in
      logrotate.c.
    - CVE-2011-1155

Date: Fri, 17 Jun 2011 14:25:03 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/logrotate/3.7.1-3ubuntu0.8.04.1
-------------- next part --------------
Format: 1.7
Date: Fri, 17 Jun 2011 14:25:03 -0400
Source: logrotate
Binary: logrotate
Architecture: source
Version: 3.7.1-3ubuntu0.8.04.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 logrotate  - Log rotation utility
Changes: 
 logrotate (3.7.1-3ubuntu0.8.04.1) hardy-security; urgency=low
 .
   * SECURITY UPDATE: race condition and symlink attacks
     - debian/patches/CVE-2011-1098-1548.patch: prevent races and symlink
       attacks in logrotate.c.
     - CVE-2011-1098
     - CVE-2011-1548
   * SECURITY UPDATE: denial of service via invalid characters in log
     filename
     - debian/patches/CVE-2011-1155.patch: properly escape filenames in
       logrotate.c.
     - CVE-2011-1155
Files: 
 f6e13020e5977fe13299da135f1ff5f8 1396 admin important logrotate_3.7.1-3ubuntu0.8.04.1.dsc
 50b014cb880b9f441fe297ad8506bf72 26061 admin important logrotate_3.7.1-3ubuntu0.8.04.1.diff.gz
Original-Maintainer: Paul Martin <pm at debian.org>


More information about the Hardy-changes mailing list