update to new release; CVE-2011-1018: Privilege escalation due improper sanitization of special characters in log file names

2011-02-28 15:30:51 +01:00 · 2011-02-28 15:30:51 +01:00 · 0329ca9010
commit 0329ca9010
parent 843bab381e
3 changed files with 12 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@ logwatch-7.3.6.tar.gz
 /logwatch-20110113.tar.xz
 /logwatch-20110201.tar.xz
 /logwatch-svn25.tar.xz
+/logwatch-svn46.tar.xz
--- a/logwatch.spec
+++ b/logwatch.spec
@ -1,15 +1,15 @@
 Summary: A log file analysis program
 Name: logwatch
 Version: 7.3.6
-Release: 65.20110203svn25%{?dist}
+Release: 66.20110228svn46%{?dist}
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
 # The source for this package was pulled from upstream's vcs.  Use the
 # following commands to generate the tarball:
-#  svn export -r 25 https://logwatch.svn.sourceforge.net/svnroot/logwatch logwatch-svn25
-#  tar cJvf logwatch-svn25.tar.xz logwatch-svn25
-Source0: logwatch-svn25.tar.xz
+#  svn export -r 46 https://logwatch.svn.sourceforge.net/svnroot/logwatch logwatch-svn46
+#  tar cJvf logwatch-svn46.tar.xz logwatch-svn46
+Source0: logwatch-svn46.tar.xz
 #Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 # Needs proper fix. Not applied by the upstream.
 Patch0: logwatch-vsftpd.patch
@ -30,7 +30,7 @@ that you wish with the detail that you wish.  Easy to use - works right out
 of the package on many systems.

 %prep
-%setup -q -n logwatch-svn25
+%setup -q -n logwatch-svn46
 %patch0 -p1
 %patch1 -p1
 rm -f scripts/services/*.orig
@ -127,6 +127,11 @@ echo "# Configuration overrides for specific logfiles/services may be placed her
 %doc LICENSE

 %changelog
+* Mon Feb 28 2011 Karel Klic <kklic@redhat.com> -  7.3.6-66.20110228svn46
+- Updated to the latest svn revision
+- Fixes CVE-2011-1018: Privilege escalation due improper sanitization
+  of special characters in log file names (rhbz#680237)
+
 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.3.6-65.20110203svn25
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-d87d004fa8136dc318e58e3994a0a900  logwatch-svn25.tar.xz
+5a1557fec8155b72a56d14628abb6766  logwatch-svn46.tar.xz