1
awstats (6.4-2) unstable; urgency=low
5
* Suggest libgeo-ipfree-perl. Closes: #316126 (thanks to Gunnar Wolf
7
* Fixed README.Debian path to configure.pl. Closes: #313093 (thanks to
8
Michael De Nil <michael@flex-it.be>).
11
* Acknowledge NMU. Closes: bug#322591.
12
* Bump up watch version, and adjust the default command (we have moved
14
* Add proto to URL in long description.
15
* User newer chown syntax in postinst (thanks to lintian).
17
-- Jonas Smedegaard <dr@jones.dk> Mon, 19 Sep 2005 22:41:16 +0200
19
awstats (6.4-1.1) unstable; urgency=high
21
* Non-maintainer upload
22
* SECURITY UPDATE: Fix arbitrary command injection. (Closes: #322591)
23
Thanks to Martin Pitt for reporting the issue and providing the
25
* Add debian/patches/03_remove_eval.patch:
26
- Replace all eval() calls for dynamically constructed function names with
27
soft references. This fixes arbitrary command injection with specially
28
crafted referer URLs which contain Perl code.
29
- Patch taken from upstream CVS, and contained in 6.5 release.
32
http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities
34
-- Frank Lichtenheld <djpig@debian.org> Sun, 4 Sep 2005 19:17:31 +0200
36
awstats (6.4-1) unstable; urgency=low
38
* New upstream release.
39
* Redirect errors of offline scripts to STDERR. Closes: bug#296435
40
(tanks to Charles Fry <debian@frogcircus.org>).
41
* Fix typo in README.Debian (thanks to Emmanuel Lacour
42
<elacour@easter-eggs.com>).
44
-- Jonas Smedegaard <dr@jones.dk> Sat, 26 Mar 2005 06:51:21 +0100
1
46
awstats (6.3-1) unstable; urgency=high
3
48
* New upstream release. Closes: bug#293702, #293668 (thanks to Nelson