Back to logwatch PTS page

Accepted logwatch 7.3.6.cvs20090906-1squeeze1 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted logwatch 7.3.6.cvs20090906-1squeeze1 (source all)
From: Willi Mann <willi@wm1.at>
Date: Sat, 05 Mar 2011 19:57:09 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1PvxbB-0007au-AZ@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@franck.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 02 Mar 2011 08:57:07 +0100
Source: logwatch
Binary: logwatch
Architecture: source all
Version: 7.3.6.cvs20090906-1squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Willi Mann <willi@wm1.at>
Changed-By: Willi Mann <willi@wm1.at>
Description: 
 logwatch   - log analyser with nice output written in Perl
Closes: 615995
Changes: 
 logwatch (7.3.6.cvs20090906-1squeeze1) stable-security; urgency=high
 .
   * CVE-2011-1018: Remote code execution by combination of
     - Logfile name by attacker's choice (e.g. samba log files) and
     - Missing sanitization of logfile names in system() call.
     - fix by encapsulating logfile names in ' and disallowing '.
       Taken from upstream.
     - closes: #615995
Checksums-Sha1: 
 be293abebeaf385322af445fb3e7069a682d7e5b 1500 logwatch_7.3.6.cvs20090906-1squeeze1.dsc
 20901e498220a3ba8f71680da1adc1ad1c13552a 338115 logwatch_7.3.6.cvs20090906.orig.tar.gz
 7022a4af62669ab181f27b06d2829c0cc85b1369 88026 logwatch_7.3.6.cvs20090906-1squeeze1.diff.gz
 982202e34d194bb1e7e68e5c7f1bce3d299cb001 396658 logwatch_7.3.6.cvs20090906-1squeeze1_all.deb
Checksums-Sha256: 
 ac32db5c066fa10f5a8ec09b9d407c05dce112772b5831a156d571bcb4f3bd9e 1500 logwatch_7.3.6.cvs20090906-1squeeze1.dsc
 8f4b237a4e58c0ce46cb0498b1220237848c697668d307277265e6962e808d0d 338115 logwatch_7.3.6.cvs20090906.orig.tar.gz
 e6f9e8393d4bd0fac098e4f457c231029262d6210bd0a7bba5066344e475cdc3 88026 logwatch_7.3.6.cvs20090906-1squeeze1.diff.gz
 b86584eb33f1d41841c84e4f36a9a1b3e07b5aa3ab7c59c4612219932568f231 396658 logwatch_7.3.6.cvs20090906-1squeeze1_all.deb
Files: 
 95f7e5ff9eb178a01784200ec1be7895 1500 admin optional logwatch_7.3.6.cvs20090906-1squeeze1.dsc
 b12229916e0a5891a8c1da59afb61e40 338115 admin optional logwatch_7.3.6.cvs20090906.orig.tar.gz
 8b106414d2c0edebe954a06cc515d7e2 88026 admin optional logwatch_7.3.6.cvs20090906-1squeeze1.diff.gz
 0b8af406daf57a6c1bb7f29131913da0 396658 admin optional logwatch_7.3.6.cvs20090906-1squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJNcJ62AAoJEL97/wQC1SS+h84H/iO5DIYM8SLTYiYIqlDHDDp5
YI+GdBZ23+O6SyKWRKoJjZu1iK3bxNz6dAfmT3NlKW4KimriRdyInusrY8p40Gw5
glBNLPD8O2JXJ7VNAxkKPDpot1lcZo8P7RQ2DyUEPg0DruYlybbjl5+Z9Ti2ztuf
fHdrQgyzxR4EfDZ4cJxl4X1Bu4Cp6lfS5eLwwJ4L5LNycCRnQZymVK55XWbXGRwC
Dj4CsF8gXdXSxr3ZaOiaKLwgqXHH7cR9WFl13oudxWFMV28l0V3+MtDbwCfGbr50
JOF3smN27LffsaUOaKMbi95g+KzHZe9kUIAtTNIGNY28CHivGxJyyTWRlj3Oog8=
=OeIV
-----END PGP SIGNATURE-----


Accepted:
logwatch_7.3.6.cvs20090906-1squeeze1.diff.gz
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-1squeeze1.diff.gz
logwatch_7.3.6.cvs20090906-1squeeze1.dsc
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-1squeeze1.dsc
logwatch_7.3.6.cvs20090906-1squeeze1_all.deb
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-1squeeze1_all.deb