[ubuntu/maverick-security] logrotate 3.7.8-6ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 21 16:03:38 UTC 2011 

logrotate (3.7.8-6ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
    log filename
    - debian/patches/CVE-2011-1154.patch: improve shred logic in
      logrotate.c.
    - CVE-2011-1154
  * SECURITY UPDATE: denial of service via invalid characters in log
    filename
    - debian/patches/CVE-2011-1155.patch: properly escape filenames in
      logrotate.c.
    - CVE-2011-1155

Date: Fri, 17 Jun 2011 13:46:45 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/logrotate/3.7.8-6ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Fri, 17 Jun 2011 13:46:45 -0400
Source: logrotate
Binary: logrotate
Architecture: source
Version: 3.7.8-6ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 logrotate  - Log rotation utility
Changes: 
 logrotate (3.7.8-6ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
     log filename
     - debian/patches/CVE-2011-1154.patch: improve shred logic in
       logrotate.c.
     - CVE-2011-1154
   * SECURITY UPDATE: denial of service via invalid characters in log
     filename
     - debian/patches/CVE-2011-1155.patch: properly escape filenames in
       logrotate.c.
     - CVE-2011-1155
Checksums-Sha1: 
 d032bd6acd0a008200e337f7eda4ff078dc9bc26 1814 logrotate_3.7.8-6ubuntu1.1.dsc
 4db7ef1b7488407b4b65d2c309fc4fe19335f23e 24558 logrotate_3.7.8-6ubuntu1.1.debian.tar.gz
Checksums-Sha256: 
 38b6953e3110e52014be98db47db6110c3113f67bf45e5d2a628557f5f71b325 1814 logrotate_3.7.8-6ubuntu1.1.dsc
 3e020147938ac2c235230bad330973b42473932d775e2f1bdba8e481f0034215 24558 logrotate_3.7.8-6ubuntu1.1.debian.tar.gz
Files: 
 30da949e7620dc3f0ca5650957271f24 1814 admin important logrotate_3.7.8-6ubuntu1.1.dsc
 3fbab6e33ffb40865f3babf54fe42b8a 24558 admin important logrotate_3.7.8-6ubuntu1.1.debian.tar.gz
Original-Maintainer: Paul Martin <pm at debian.org>

More information about the Maverick-changes mailing list