-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2011-06-17 14:25:03 UTC
-
mfrom:
(4.1.1 hardy-proposed)
-
Revision ID:
james.westby@ubuntu.com-20110617142503-g2sm73ozab2v7c8q
Tags: 3.7.1-3ubuntu0.8.04.1
* SECURITY UPDATE: race condition and symlink attacks
- debian/patches/CVE-2011-1098-1548.patch: prevent races and symlink
attacks in logrotate.c.
- CVE-2011-1098
- CVE-2011-1548
* SECURITY UPDATE: denial of service via invalid characters in log
filename
- debian/patches/CVE-2011-1155.patch: properly escape filenames in
logrotate.c.
- CVE-2011-1155