-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2011-06-17 13:36:27 UTC
-
Revision ID:
james.westby@ubuntu.com-20110617133627-kmp1yvvfsxanvxhl
Tags: 3.7.8-6ubuntu4
* SECURITY UPDATE: arbitrary code execution via shell metacharacters in
log filename
- debian/patches/CVE-2011-1154.patch: improve shred logic in
logrotate.c.
- CVE-2011-1154
* SECURITY UPDATE: denial of service via invalid characters in log
filename
- debian/patches/CVE-2011-1155.patch: properly escape filenames in
logrotate.c.
- CVE-2011-1155