Accepted awstats 6.5-1ubuntu1 (source)
Martin Pitt
martin.pitt at ubuntu.com
Mon May 22 21:00:24 BST 2006
Accepted:
OK: awstats_6.5-1ubuntu1.dsc
-> Component: main Section: web
OK: awstats_6.5-1ubuntu1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 22 May 2006 21:51:34 +0200
Source: awstats
Binary: awstats
Architecture: source
Version: 6.5-1ubuntu1
Distribution: dapper
Urgency: low
Maintainer: Debian AWStats Team <pkg-awstats-devel at lists.alioth.debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
awstats - powerful and featureful web server log analyzer
Changes:
awstats (6.5-1ubuntu1) dapper; urgency=low
.
* SECURITY UPDATE: Cross-site scripting.
* debian/patches/1001_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
Files:
306dddac8b3fa0bfdff8f00ce8303e3f 775 web optional awstats_6.5-1ubuntu1.dsc
bf42480f19b115c5ec256482d7b5a068 18353 web optional awstats_6.5-1ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEchfODecnbV4Fd/IRAtguAJ9GVj0NEnJyrv31R4XN/9/qS96kTgCfUBD7
jHyzddhfRCtTCyf+9iPf6Ns=
=fRgf
-----END PGP SIGNATURE-----
More information about the dapper-changes
mailing list