Change log for awstats package in Debian
| 1 → 35 of 35 results | First • Previous • Next • Last |
| Published in bookworm-release |
awstats (7.8-3+deb12u1) bookworm; urgency=medium
* Non-maintainer upload.
* debian/awstats.postinst: part of the code was moved to the awstats.preinst
file, to avoid creating the
/etc/logrotate.d/httpd-prerotate/awstats.dpkg-new file, and thus requiring
user interaction when updating. See #1037213.
* debian/awstats.preinst: created.
-- Lourisvaldo Figueredo Junior <email address hidden> Mon, 09 Oct 2023 21:04:39 -0300
awstats (7.9-1) unstable; urgency=medium
* New maintainer (Closes: #755797)
* New upstream release.
* Remove patches (fixed upstream) fix-cross-site-scripting.patch and
0013-Only-look-for-configuration-in-dedicated-awstats-dir.patch
* Bug #1037213 has been fixed in 7.8-4 Closes: #1037213)
-- Christian Marillat <email address hidden> Mon, 28 Aug 2023 09:03:39 +0200
Available diffs
- diff from 7.8-3 to 7.9-1 (23.7 KiB)
awstats (7.8-4) unstable; urgency=medium
* QA upload.
* debian/awstats.postinst: part of the code was moved to the awstats.preinst
file, to avoid creating the
/etc/logrotate.d/httpd-prerotate/awstats.dpkg-new file, and thus requiring
user interaction when updating. See #1037213.
* debian/awstats.preinst: created.
-- Lourisvaldo Figueredo Junior <email address hidden> Sun, 09 Jul 2023 11:42:22 -0300
| Published in bullseye-release |
awstats (7.8-2+deb11u1) bullseye; urgency=medium * QA upload. * fix cross site scripting (CVE-2022-46391) (Closes: #1025410) -- Salvatore Bonaccorso <email address hidden> Wed, 07 Dec 2022 21:47:25 +0100
awstats (7.8-3) unstable; urgency=medium * QA upload. [ Debian Janitor ] * Bump debhelper from old 12 to 13. * Avoid invoking dpkg-parsechangelog. [ Salvatore Bonaccorso ] * fix cross site scripting (CVE-2022-46391) (Closes: #1025410) -- Salvatore Bonaccorso <email address hidden> Sun, 04 Dec 2022 20:52:31 +0100
Available diffs
- diff from 7.8-2 to 7.8-3 (1.5 KiB)
| Published in buster-release |
awstats (7.6+dfsg-2+deb10u1) buster; urgency=medium
* QA upload.
* CVE-2020-29600: cgi-bin/awstats.pl?config= accepts an absolute
pathname, even though it was intended to only read a file in the
/etc/awstats/awstats.conf format. NOTE: this issue exists because of
an incomplete fix for CVE-2017-1000501. Closes: #891469
* CVE-2020-35176: in AWStats through 7.8, cgi-bin/awstats.pl?config=
accepts a partial absolute pathname (omitting the initial /etc), even
though it was intended to only read a file in the
/etc/awstats/awstats.conf format. NOTE: this issue exists because of
an incomplete fix for CVE-2017-1000501 and CVE-2020-29600.
Closes: #977190
-- Håvard Flaget Aasen <email address hidden> Tue, 02 Feb 2021 09:35:23 +0100
awstats (7.8-2) unstable; urgency=high
* QA upload.
* CVE-2020-35176: in AWStats through 7.8, cgi-bin/awstats.pl?config=
accepts a partial absolute pathname (omitting the initial /etc), even
though it was intended to only read a file in the
/etc/awstats/awstats.conf format. NOTE: this issue exists because of
an incomplete fix for CVE-2017-1000501 and CVE-2020-29600.
Closes: #977190
-- Håvard Flaget Aasen <email address hidden> Tue, 02 Feb 2021 08:56:57 +0100
Available diffs
- diff from 7.8-1 to 7.8-2 (1.0 KiB)
awstats (7.8-1) unstable; urgency=medium
* QA upload.
[ Ondřej Nový ]
* d/copyright: Use https protocol in Format field
* d/changelog: Remove trailing whitespaces
* d/watch: Use https protocol
[ Debian Janitor ]
* Drop no longer supported add-log-mailing-address setting from
debian/changelog.
* Move source package lintian overrides to debian/source.
* Bump debhelper from old 9 to 12.
* Set debhelper-compat version in Build-Depends.
* Update renamed lintian tag names in lintian overrides.
* Use canonical URL in Vcs-Git.
* Remove obsolete fields Name from debian/upstream/metadata.
[ Sylvain Beucler ]
* Fix /etc/logrotate.d/httpd-prerotate script installation
(Closes: #890414)
* New 7.8 upstream release. (Closes: #775481)
* Refresh patches.
-- Sylvain Beucler <email address hidden> Wed, 09 Dec 2020 15:57:39 +0100
Available diffs
- diff from 7.6+dfsg-2 to 7.8-1 (79.7 KiB)
| Published in jessie-release |
awstats (7.2+dfsg-1+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix traversal flaw in the handling of the "config" and "migrate"
parameters (CVE-2017-1000501) (Closes: #885835)
-- Abhijith PA <email address hidden> Mon, 15 Jan 2018 11:18:18 +0530
| Published in stretch-release |
awstats (7.6+dfsg-1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix traversal flaw in the handling of the "config" and "migrate"
parameters (CVE-2017-1000501) (Closes: #885835)
-- Abhijith PA <email address hidden> Mon, 15 Jan 2018 02:48:32 +0000
awstats (7.6+dfsg-2) unstable; urgency=medium
* QA upload.
* Set maintainer to the QA team.
* Import fixes from Ubuntu.
+ CVE-2017-1000501, closes: #885835
+ but the fix for #858461 is incomplete
* Drop ancient versioned Recommends on an essential package.
-- Adam Borowski <email address hidden> Fri, 02 Feb 2018 02:21:35 +0100
Available diffs
awstats (7.6+dfsg-1) unstable; urgency=medium * Imported Upstream version 7.6+dfsg * Refresh patches * Bump up Standards-Version (to 3.9.8) * Fix spelling in README.Debian -- Sergey B Kirpichev <email address hidden> Mon, 12 Dec 2016 13:51:39 +0300
Available diffs
- diff from 7.5+dfsg-1 to 7.6+dfsg-1 (129.6 KiB)
awstats (7.5+dfsg-1) unstable; urgency=medium
* Fix FTBFS (when built twice in a row): remove
awgraphapplet-*.jar in the clean target
* Fix encoding in German translation (Closes: #789361,
thanks to Thorsten Glaser)
* Imported Upstream version 7.5+dfsg
* Refresh patches
-- Sergey B Kirpichev <email address hidden> Mon, 09 May 2016 16:20:22 +0300
Available diffs
- diff from 7.4+dfsg-1 to 7.5+dfsg-1 (41.5 KiB)
awstats (7.4+dfsg-1) unstable; urgency=medium * Imported Upstream version 7.4+dfsg * Remove patches, applied by upstream * Refresh patches * Adopt debian/awstats.docs for new README name * Update installation instructions (Closes: #756501) * Use the upstream version in the path name for awgraphapplet.jar -- Sergey B Kirpichev <email address hidden> Mon, 27 Jul 2015 13:56:07 +0300
Available diffs
- diff from 7.3+dfsg-1 to 7.4+dfsg-1 (53.3 KiB)
awstats (7.3+dfsg-1) unstable; urgency=medium
* Remove donation link in index.html (fix lintian
E: privacy-breach-donation) in favor of debian/upstream/metadata
* Install prerotate script (Closes: #714231)
* Imported Upstream version 7.3+dfsg
* Refresh patches
* Add/cleanup Forwarded: patch headers
* Fix permissions
* Removed Facebook's Share/Like buttons (fix
lintian E:privacy-breach-facebook)
* Remove external image links for paypal donation (lintian
E: privacy-breach-donation)
* Removed twitter and google plus js (privacy breach)
* Removed google search js (privacy breach)
* removed pixel.gif
* Set Forwarded: no for privacy patches
* debian/upstream -> debian/upstream/metadata
* Override lintian: debian-watch-may-check-gpg-signature and
source-contains-prebuilt-java-object
* Replace awstats_logo6.png by symlink
* Bump up Standards-Version (to 3.9.6)
-- Sergey B Kirpichev <email address hidden> Mon, 27 Oct 2014 21:32:34 +0300
Available diffs
- diff from 7.2+dfsg-1 to 7.3+dfsg-1 (1008.2 KiB)
awstats (7.2+dfsg-1) unstable; urgency=low * Repackage upstream sources with uscan * Adopt README.source for new release * Imported Upstream version 7.2+dfsg * Refresh patches * Upgrade licences (upstream and debian/) to GPL v3+. * Fix lintian error: vcs-field-not-canonical -- Sergey B Kirpichev <email address hidden> Sat, 16 Nov 2013 14:57:22 +0400
Available diffs
- diff from 7.1.1~dfsg-2 to 7.2+dfsg-1 (51.8 KiB)
awstats (7.1.1~dfsg-2) unstable; urgency=low * Remove unsupported copyright_hints (autogenerated) * Use patch (not perl) to apply Debian-specific configuration changes * Add debian/awstats.examples * Drop absoleted binary-post-install/awstats target * drop binary-fixup target * Add patch with build.xml * Drop obsoleted control.in * Transition to dh build system, drop CDBS dependence * Override dh_compress * Fix permissions on doc/awstats/examples/*.pl -- Sergey B Kirpichev <email address hidden> Mon, 07 Oct 2013 20:43:11 +0400
Available diffs
- diff from 7.1.1~dfsg-1 to 7.1.1~dfsg-2 (14.4 KiB)
awstats (7.1.1~dfsg-1) unstable; urgency=low * New upstream release (Closes: #703596) -- Sergey B Kirpichev <email address hidden> Fri, 29 Mar 2013 01:06:00 +0400
Available diffs
- diff from 7.1~dfsg-1 to 7.1.1~dfsg-1 (4.4 KiB)
| Superseded in sid-release |
awstats (7.1~dfsg-1) unstable; urgency=low
* Ensure that backwards compatible Java bytecode is built (Closes:
#687414)
* Add option to easy switch off awstats crontabs. Install symlink for
awstats binary to /usr/bin. Closes: #641481.
* Drop deprecated DMUA flag
* Link missing mime-icons to notavailable.png (Closes: #690379)
* Fix lintian unused-license-paragraph-in-dep5-copyright (Add comment
for Files: wwwroot/icon/mime/*)
* Fix lintian copyright-refers-to-symlink-license (GPL -> GPL-1+)
* Install manpage
* Imported Upstream version 7.1~dfsg
* Update patches for new release
* Fix executable bit on awstats.pl
* Bump up Standards-Version (to 3.9.4)
* Change license for wwwroot/icon/mime/* icons (Closes: #698921)
* Update watch file for 7.x
* Add debian/icons/firefox.png to include-binaries
* Update DEB_UPSTREAM_TARBALL* stuff in rules
-- Sergey B Kirpichev <email address hidden> Fri, 22 Feb 2013 19:33:53 +0400
Available diffs
awstats (7.0~dfsg-7) unstable; urgency=low
* Document -configdir option in README.Debian (Closes: #280067)
* Show config name on error in update.sh (Closes: #675174, thanks to
<email address hidden>)
* Create an index.$lang.html file in buildstatic.sh (Closes: #673317,
thanks to Antoine Beaupré)
-- Sergey B Kirpichev <email address hidden> Wed, 13 Jun 2012 21:44:08 +0400
Available diffs
awstats (7.0~dfsg-6) unstable; urgency=low * Document pipe's usage in LogFile directive (Closes: #435028) * Reformat debian/copyright according to accepted DEP5 spec * Bump up Standards-Version to 3.9.3 (no changes) -- Sergey B Kirpichev <email address hidden> Mon, 05 Mar 2012 15:38:42 +0400
Available diffs
- diff from 7.0~dfsg-5 to 7.0~dfsg-6 (1.5 KiB)
awstats (7.0~dfsg-5) unstable; urgency=low
* Add MAILTO=root to awstats.cron.d (Closes: #652665, thanks to
Dominique Brazziel)
* Add todo for #302210
* 1019_allow_frame_resize.patch: Allow resize of mainleft/right frames
(Closes: #293218)
-- Sergey B Kirpichev <email address hidden> Wed, 28 Dec 2011 17:14:12 +0400
Available diffs
awstats (7.0~dfsg-4) unstable; urgency=low
* Apply some compatibility fixes for perl 5.14: introduce 1018_perl5-
14.patch (Closes: #650492, #652070, thanks to Atsuhito Kohda)
* Fixed Bug-Debian info for 016_downloads_list_page.patch
-- Sergey B Kirpichev <email address hidden> Wed, 14 Dec 2011 22:36:06 +0400
awstats (7.0~dfsg-3) unstable; urgency=low
* Bump up Standards-Version (to 3.9.2)
* Removed .gitignore
* Replace /usr/share/doc/awstats/html/awstats_changelog.txt.gz by
symlink to avoid lintian warning
* Include patches/1016_downloads_list_page.patch to generate
"Downloads Full list" page (Closes: #638857)
* Refresh patches with --no-index --no-timestamps -pab --diffstat
* Include patches/1017_fix_html_output_markup.patch to fix some output
issues (Closes: #630943)
* Update copyright for debian/* files
* Minor tweaks of debian/README.Debian
* Add some hints to restrict access to /cgi-bin/awstats.pl (Closes:
#590953)
-- Sergey B Kirpichev <email address hidden> Sat, 29 Oct 2011 16:43:28 +0400
Available diffs
awstats (7.0~dfsg-2) unstable; urgency=low [ Sergey B Kirpichev ] * Process the /etc/awstats/awstats.conf file in update.sh/buildstatic.sh only if it's exists (Closes: #613524) * Allow change $NBOFLASTUPDATELOOKUPTOSAVE via CGI/CLI arguments (Closes: #600225). [ Jonas Smedegaard ] * Remove myself as uploader. Thanks for all the fish. [ Sergey B Kirpichev ] * Drop Debian AWStats Team from Maintainer's -- Sergey B Kirpichev <email address hidden> Wed, 06 Apr 2011 03:31:45 +0400
awstats (7.0~dfsg-1) unstable; urgency=low * New upstream release. Closes: bug#613447. [ Sergey B Kirpichev ] * Unfuzz patches. * Update patch 1008. * Drop obsolete patches. * Fix +x bit on *.js in docs/examples * Avoid asterisks in debian/NEWS entries, to please lintian. * Fix recode bulgarian tooltips file as utf-8. Closes: bug#610632. * Forward patches 0007 and 1015 upstream. * Allow DM (Debian Maintainer) uploads. [ Jonas Smedegaard ] * Update copyright file: + Rewrite using Subversion rev.173 of draft DEP5 format. + Add some previously missed authors and licenses. -- Jonas Smedegaard <email address hidden> Sat, 12 Mar 2011 19:44:25 +0100
| Published in lenny-release |
awstats (6.7.dfsg-5.1+lenny1) stable-security; urgency=high [ Sergey B Kirpichev ] * Apply patch 0009 to fix CVE-2010-4369. * Update patch 1002 to adopt CVE-2010-4368 and CVE-2010-4367 fixes in upstream. -- Jonas Smedegaard <email address hidden> Tue, 11 Jan 2011 06:21:03 +0100
awstats (6.9.5~dfsg-5) unstable; urgency=high [ Sergey B Kirpichev ] * Bump up Standards-Version to 3.9.1. * Remove examples/staticpages.sh. * Take sucurity fixes from upstream CVS: - CVE-2010-4369: patch 0009 (closes directory traversal vulnerability via crafted LoadPlugin directory). - CVE-2010-4367(and CVE-2010-4368): update patch 1002 (sanitize configdir, disable overwriting of configdir parameter in cgi mode). Closes: bug#606263. [ Jonas Smedegaard ] * Unfuzz patches. * Ease building with git-buildpackage: + Add dpkg-source local-options. + Suppress .pc dir. -- Jonas Smedegaard <email address hidden> Fri, 24 Dec 2010 00:05:07 +0100
| Superseded in sid-release |
awstats (6.9.5~dfsg-4) unstable; urgency=low
[ Jonas Smedegaard ]
* Fix bashism in buildstatic.sh.
Closes: bug#582861.
* Recommend versions of coreutils supporting mktemp --tmpdir.
Closes: bug#582602, thanks to Vincent Danjean.
[ Andreas Henriksson ]
* Remove myself from uploaders.
[ Sergey B Kirpichev ]
* Install logresolvemerge.pl in tools.
Closes: bug#275491.
* Change order of configs parsing in update.sh and buildstatic.sh.
Closes: bug#580699, thanks to Ken Neighbors.
* Improve documentation. Logfile permissions, EnableLockForUpdate
option, setup for multiple sites.
Closes: bug#580702, thanks to Ken Neighbors.
* Prevent nested includes from being prematurely closed.
Closes: bug#575545, thanks to Ken Neighbors.
* Rephrase steps needed for apache.conf installation.
Closes: bug#590947.
-- Jonas Smedegaard <email address hidden> Fri, 06 Aug 2010 23:26:53 -0400
| Superseded in sid-release |
awstats (6.9.5~dfsg-3) unstable; urgency=low
[ Sergey B Kirpichev ]
* Show error messages from cron jobs.
Closes: bug#580672, thanks to Ken Neighbors.
* Add option to disable nightly generation of static html reports.
Closes: bug#580692, thanks to Ken Neighbors.
* Option to use "nice" to lower the priority of cron scripts.
Closes: bug#580693, thanks to Ken Neighbors.
* Set default language (en) for static reports generation
* Cosmetic improvements to cron scripts.
Closes: bug#580704.
* Recognize method/protocol RTSP in uppercase.
Closes: bug#350601, thanks to Lee Maguire.
* Report permissions problem while reading awstats.custom.conf.
Closes: bug#572353, thanks to Ken Neighbors.
[ Jonas Smedegaard ]
* Reverse test logic when sourcing /etc/default/awstats to not fail if
missing.
* Respect TMPDIR for temporary files (i.e. use mktemp --tmpdir).
* Update patches:
+ Drop (unapplied) patch 0011: applied upstream at some point in the
past.
+ Unfuzz (unapplied) patch 0006.
+ Refresh patches 0006, 1015 and 1016 with compacting quilt options
--no-index --no-timestamps -pab.
-- Jonas Smedegaard <email address hidden> Wed, 19 May 2010 13:53:50 +0200
| Superseded in squeeze-release |
awstats (6.9.5~dfsg-2) unstable; urgency=low
[ Sergey B Kirpichev ]
* Fail on error in buildstatic.sh.
* Clarify patch policy.
* Set up executable bit on awstats_buildstaticpages.pl.
Closes: bug#580523, thanks to Ken Neighbors and Laurent Bonnaud.
[ Jonas Smedegaard ]
* Tidy patch README a bit - stripping note related to a specific
patch.
* Refer to FSF website (not postal address) in licensing header of
rules file.
* Release to unstable.
-- Jonas Smedegaard <email address hidden> Thu, 06 May 2010 18:04:04 +0200
| Deleted in experimental-release (Reason: None provided.) |
awstats (6.9.5~dfsg-1) experimental; urgency=low
[ Sergey B Kirpichev ]
* New upstream release.
* Fix paths for all geoip plugins.
* Rewrite patch 1004 to check full Perl version (not just minor
version, and not just drop the check - see #440035), and to fix
awstats_buildstaticpages.pl too.
Closes: #519319, thanks to Andrew Ruthven.
* Update patch 1007 (russian locale) to use abbreviated month and day
of week names, and to fix dos->unix fileformat.
* Drop patch 2001 (hiding charts in days of month statistics) as it
breaks rounding of Averages. Closes: #522467, thanks to Jools Wills.
* Add new patch 1012 to strip the trailing dot when making a reverse
on ipv6 addresses. Closes: #397544, thanks to Laurent Bigonville.
* Add new patch 1013 to fix wrong search engine logging from yahoo
sites. Closes: #347426, thanks to Erik Jacobson.
* Add new patch 1014 to add WebSec to robots list.
Closes: #284149, thanks to Baruch Even.
* Add new patch 2001 to fix awstats_buildstaticpages.pl path to
awstats.pl.
* Add/fix Description & Author fields for patches.
* Submit 1xxx patches upstream
* Renumber patches adopted upstream:
+ 1006 → 0006
+ 1007 → 0007 (upstream #2540486)
+ 1011 → 0011 (upstream #2794728)
* Improve cron job:
+ Drop log file checks.
Closes: #294586, #439889, thanks to Ralf Neubauer and others.
+ Move update to new script update.sh supporting multiple configs.
+ Add new script buildstatic.sh to generate daily static reports.
Drop TODO item about generating only static reports.
* Update README.Debian:
+ Add multisite notes. Closes: #415334, thanks to Eric Wadsworth.
+ Fix note on combined log format (Apache2 uses CLF per default).
+ Cleanup configure.pl notes
+ Use Apache 2.x in examples.
* Create /var/cache/awstats in postinst, for static html reports.
* Change DATADIR to /var/lib/awstats in sample script redostats.sh.
* Install awstats_buildstaticpages.pl as tool (not sample script).
* Add /etc/default/awstats file.
* Handle /etc/awstats/awstats.conf in update.sh and buildstatic.sh
* Suggest liburi-perl.
Closes: #558131.
[ Jonas Smedegaard ]
* Add README.source. Drop README.cdbs-tweaks.
* Mention git-orig-source build target in watch file.
* Bump standards-version to 3.8.4.
* Bump debhelper compatibility level to 6.
* Reformat debian/copyright to conform to proposal DEP5 rev. 135.
* Include actual licensing text of GPL-2+ in debian/copyright.
* Build java applet using Ant and in compliance with Debian Java
Policy.
* Fix set x bit on tools and examples (and unset elsewhere).
* Fix cron jobs to not run scripts if missing (i.e. when awstats
package is removed but not purged).
* Fix explicitly exclude awstats_buildstaticpages.pl from getting
installed as sample script.
* Drop all local CDBS snippets: included with main cdbs package now.
* Switch to source format "3.0 (quilt)".
* Drop patchsys-quilt.mk snippet: superfluous with source format "3.0
(quilt)".
* Drop invoking dh_perl explicitly (handled in cdbs since late 2003).
* Drop no longer needed .cvsignore cleanup.
* Fix fail on error uudecoding Firefox icon.
[ Andreas Henriksson ]
* Replace apache with apache2 as default config choice.
Closes: #257832.
* Fix insecure tempfile creation in example script redostats.sh.
* Install awgraphapplet.jar (built from source, avoiding upstream
shipped binary), thanks to Andreas Westwik.
* Remove Charles Fry from uploaders on his request.
Closes: #569474.
-- Jonas Smedegaard <email address hidden> Thu, 01 Apr 2010 14:27:16 +0200
awstats (6.9~dfsg-1) unstable; urgency=low
[ Sergey B Kirpichev ]
* New upstream release (Closes: #494676).
* Add myself to Uploaders field.
* Drop patches 0001 and 1005 (applied upstream).
* Unfuzz patches 1002-1004.
* Add new patch 1007 updating Russian translation. Thanks to Sergey
Kirpichev at upstream tracker #2540486.
* Add new patch 1008 enhancing the ExtraSection headings to include
the words (Top XXX) for consistency with all other section headings.
* Add new patch 1009 fixing URL to Hurd (Closes: #408086).
* Add new patch 1010 fixing dirdata permissions (Closes: #299148).
* Add new patch 1011 fixing Geo::IPfree warnings (Closes: #512373).
* Add new patch 2001 hiding charts in days of month statistics.
* Use debian defaults for geoip data files.
[ Jonas Smedegaard ]
* Repackage upstream tarball.
* Packaging moved to Git (from Subversion). Update debian/control and
git-buildpackage configfile, enabling pristine-tar support.
* Use new local CDBS snippet package-relations.mk to resolve, cleanup
and apply CDBS-declared (build-)dependencies.
* Add DEB_MAINTAINER_MODE in debian/rules (thanks to Romain Beauxis).
* Update local CDBS snippets:
+ upstream-tarball.mk: internal restructuring
+ buildinfo.mk: fix copyright years
+ copyright-check.mk: major rewrite, now generating hint file more
readily usable as template for new proposed copyright format
+ Update README.cdbs-tweaks to also cover newly added package-
relations.mk.
* Rewrite debian/copyright using new proposed syntax (v440). Update
copyright-hints.
* Unfuzz patch 1006.
* Depend on misc:depends (thanks to lintian) and cdbs:depends
(currently unused, and drop superfluous dependencies (fulfilled by
perl even in oldstable).
-- Jonas Smedegaard <email address hidden> Tue, 03 Mar 2009 18:19:24 +0100
awstats (6.7.dfsg-5.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Strip '"' characters during URL decoding, fixing a cross-site
scripting attack (CVE-2008-3714; CVE-2008-5080; Closes: #495432).
-- Nico Golde <email address hidden> Wed, 10 Dec 2008 13:05:43 +0100
awstats (6.7.dfsg-5) unstable; urgency=low
* Add debian/patches/0001_awstats69beta_xss.patch,
upstream security fix from 6.9 beta to fix XSS.
(Closes: #495432, upstream bug 2001151)
-- Andreas Henriksson <email address hidden> Sun, 17 Aug 2008 13:54:04 +0200
| 1 → 35 of 35 results | First • Previous • Next • Last |
