Format: 1.8
Date: Wed, 02 Mar 2011 08:57:07 +0100
Source: logwatch
Binary: logwatch
Architecture: source all
Version: 7.3.6.cvs20090906-2
Distribution: unstable
Urgency: high
Maintainer: Willi Mann <willi@wm1.at>
Changed-By: Willi Mann <willi@wm1.at>
Description:
 logwatch - log analyser with nice output written in Perl
Closes: 615995
Changes:
 logwatch (7.3.6.cvs20090906-2) unstable; urgency=high
 .
   * CVE-2011-1018: Remote code execution by combination of
     - Logfile name by attacker's choice (e.g. samba log files) and
     - Missing sanitization of logfile names in system() call.
     - fix by encapsulating logfile names in ' and disallowing '. Taken from
       upstream.
     - closes: #615995

Accepted:
logwatch_7.3.6.cvs20090906-2.diff.gz
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-2.diff.gz
logwatch_7.3.6.cvs20090906-2.dsc
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-2.dsc
logwatch_7.3.6.cvs20090906-2_all.deb
  to main/l/logwatch/logwatch_7.3.6.cvs20090906-2_all.deb
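
The quoting rule named in the changelog entry (wrap each logfile name in ' and refuse any name that contains '), shown as an added example in POSIX shell; it is not Logwatch's or Debian's code. The function names `quote_logfile` and `shell_sees_one_literal` are hypothetical and the sample names are constructed.

```shell
#!/bin/sh
# Added example: single-quote a logfile name before it is placed in a command
# string that /bin/sh will parse (as a one-string system() call does).

# quote_logfile NAME: print NAME wrapped in single quotes. Fails (status 1)
# if NAME contains a single quote, the only character that can end the quoting.
quote_logfile() {
    case $1 in
        *\'*) return 1 ;;
    esac
    printf "'%s'" "$1"
}

# shell_sees_one_literal NAME: build a command string from the quoted name,
# let a fresh sh parse it, and succeed only if the shell saw exactly one
# argument that equals NAME byte for byte. Returns 2 if NAME was refused.
shell_sees_one_literal() {
    quoted=$(quote_logfile "$1") || return 2
    # The trailing "." keeps $(...) from trimming newlines at the end of NAME.
    seen=$(sh -c "set -- $quoted; printf '%s:%s.' \"\$#\" \"\$1\"")
    [ "$seen" = "1:$1." ]
}

# Constructed sample names (not taken from any real log directory).
for name in 'log.smbd' 'log.client one' 'log.a;echo x' \
            'log.$(echo x)' 'log.`echo x`' "log.it's"; do
    if shell_sees_one_literal "$name"; then
        printf 'literal   %s\n' "$name"
    else
        rc=$?
        if [ "$rc" -eq 2 ]; then
            printf 'refused   %s\n' "$name"
        else
            printf 'MISMATCH  %s\n' "$name"
        fi
    fi
done
```

Passing the name as a separate argument (list-form `system` in Perl) avoids shell parsing altogether and does not need the quote check.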