~ubuntu-branches/ubuntu/oneiric/logrotate/oneiric

Viewing all changes in revision 18.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2011-06-17 13:36:27 UTC
  • Revision ID: james.westby@ubuntu.com-20110617133627-kmp1yvvfsxanvxhl
Tags: 3.7.8-6ubuntu4
* SECURITY UPDATE: arbitrary code execution via shell metacharacters in
  log filename
  - debian/patches/CVE-2011-1154.patch: improve shred logic in
    logrotate.c.
  - CVE-2011-1154
* SECURITY UPDATE: denial of service via invalid characters in log
  filename
  - debian/patches/CVE-2011-1155.patch: properly escape filenames in
    logrotate.c.
  - CVE-2011-1155

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: