Branches for Breezy

Name Status Last Modified Last Commit
lp:ubuntu/breezy/awstats 1 Development 2009-06-15 18:55:27 UTC
4. * SECURITY UPDATE: Fix arbitrary comm...

Author: Martin Pitt
Revision Date: 2005-08-11 18:23:09 UTC

* SECURITY UPDATE: Fix arbitrary command injection.
* Add debian/patches/03_remove_eval.patch:
  - Replace all eval() calls for dynamically constructed function names with
    soft references. This fixes arbitrary command injection with specially
    crafted referer URLs which contain Perl code.
  - Patch taken from upstream CVS, and contained in 6.5 release.
* References:
  CAN-2005-1527
  http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities

lp:ubuntu/breezy-security/awstats 1 Development 2009-06-15 18:55:33 UTC
7. * SECURITY UPDATE: Fix XSS vulnerabil...

Author: Kees Cook
Revision Date: 2006-10-06 12:53:15 UTC

* SECURITY UPDATE: Fix XSS vulnerability and full path exposure.
* Add 'debian/patches/05_backport_6.6_xss-fixes.patch' to filter XSS and
  adjust error message reports. Backported from upstream changes.
* References
  CVE-2006-3681 CVE-2006-3682
  http://awstats.cvs.sourceforge.net/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.867&r2=1.871
