-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2011-06-17 13:50:33 UTC
-
mfrom:
(14.1.1 lucid-proposed)
-
Revision ID:
james.westby@ubuntu.com-20110617135033-rdl8reidb06ptbin
Tags: 3.7.8-4ubuntu2.2
* SECURITY UPDATE: arbitrary code execution via shell metacharacters in
log filename
- debian/patches/CVE-2011-1154.patch: improve shred logic in
logrotate.c.
- CVE-2011-1154
* SECURITY UPDATE: denial of service via invalid characters in log
filename
- debian/patches/CVE-2011-1155.patch: properly escape filenames in
logrotate.c.
- CVE-2011-1155