[ubuntu/oneiric] logrotate 3.7.8-6ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Jun 17 18:35:19 UTC 2011 

logrotate (3.7.8-6ubuntu4) oneiric; urgency=low

  * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
    log filename
    - debian/patches/CVE-2011-1154.patch: improve shred logic in
      logrotate.c.
    - CVE-2011-1154
  * SECURITY UPDATE: denial of service via invalid characters in log
    filename
    - debian/patches/CVE-2011-1155.patch: properly escape filenames in
      logrotate.c.
    - CVE-2011-1155

Date: Fri, 17 Jun 2011 13:36:27 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/oneiric/+source/logrotate/3.7.8-6ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 17 Jun 2011 13:36:27 -0400
Source: logrotate
Binary: logrotate
Architecture: source
Version: 3.7.8-6ubuntu4
Distribution: oneiric
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 logrotate  - Log rotation utility
Changes: 
 logrotate (3.7.8-6ubuntu4) oneiric; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via shell metacharacters in
     log filename
     - debian/patches/CVE-2011-1154.patch: improve shred logic in
       logrotate.c.
     - CVE-2011-1154
   * SECURITY UPDATE: denial of service via invalid characters in log
     filename
     - debian/patches/CVE-2011-1155.patch: properly escape filenames in
       logrotate.c.
     - CVE-2011-1155
Checksums-Sha1: 
 83ade1d087123da9ac244feae341f7abcf52ed3d 1806 logrotate_3.7.8-6ubuntu4.dsc
 f697cab128ec603ed71d73aad6cf0dd0ceb7a46c 24804 logrotate_3.7.8-6ubuntu4.debian.tar.gz
Checksums-Sha256: 
 dde8ddc694866829b3470c42a4f9a0aa34f3a49e841881c447ffd39e042ac20c 1806 logrotate_3.7.8-6ubuntu4.dsc
 53527971ddfab7bf60323533a2dfa14929c0be6729328c34cfc5f03ed3840fe2 24804 logrotate_3.7.8-6ubuntu4.debian.tar.gz
Files: 
 5307467d15c1536b931a3e3ed23d658b 1806 admin important logrotate_3.7.8-6ubuntu4.dsc
 891845cfae6c6c2364fc968cc208df06 24804 admin important logrotate_3.7.8-6ubuntu4.debian.tar.gz
Original-Maintainer: Paul Martin <pm at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJN+54UAAoJEGVp2FWnRL6TH4QP/0bV1aYG03mzBOzd8lZdtJej
LQ0V6v7cqcunUr69DCO/QH9qAa4HPGcPfa6X++LTkJwtiE9oBnAN4wAxzNwC4VNl
zwjpWUND/qungXQV5QpFOVHc0H1jEwOjJoRqypUWr7fcIZ7uOlwRRUZHQR1/OPW2
gn/lrcYEcYV2mXca3TQWUTaggCREE1IJEyUAXE+AHQdBggCof83Mb+O3IvWv3Tog
oeZS8b9kTAbpJ+I8qdIMgeqbG9p5u+ACeNIkUqvLhw5HA3J6CSRpv6IiVRHXBrbj
UcmbD2MuD0JT11TrV0WzQmCMk/2GuiBXSz1IC7jHT6BhbgbfDZq7FufKP1r3ITDM
8C73Q5IC6vDld8+uU41St9nnk1jIXhp8qOBPCdidkXN/1xIQwYifjvfBy5FZ2XhR
gCoJNTeS0kKkEjocBeb4HDtOkhgnENkzUP6UX2AziRADpGgJEqpClhDdaNi49Jys
q1E8lVvG8gr7KPE145ZDnKs/JKYIxqUsENJ0d4HtRXAnQElJiGgkVkJApe9MfPAb
aJFxZWFwg8AEcufAQ7Bi5ask0CiYpLBeMoyARvsrAUVA6t+needSt287/Y4LdzRc
6YXROXZGEYh0in+BCfpwFfC3nsk4WrtGxWV+G30qafYrIM4WxrBUM9PXRvnkOJBc
uyXrEPESA/ZN8p+fF3J6
=h96J
-----END PGP SIGNATURE-----

More information about the Oneiric-changes mailing list