-
Committer:
Bazaar Package Importer
-
Author(s):
Paul Martin
-
Date:
2009-08-14 23:22:04 UTC
-
mfrom:
(1.1.4 upstream)
-
mto:
(4.1.5 squeeze)
-
mto:
This revision was merged to the branch mainline in
revision
13.
-
Revision ID:
james.westby@ubuntu.com-20090814232204-fcf21panblf2trxc
Tags: 3.7.8-4
* New patch:
+ security-388608.patch: A race condition in the creation of
compressed and copied log files makes it possible to overwrite
arbitrary files by generating a link or symlink during a window
of opportunity between logrotate renaming a log file and creating
the copy of the next. (Closes: #388608) Once again, many thanks to
Florian Zumbiehl for forcing me to think.
* Uploading to unstable.