-
logrotate (3.7.8-6) unstable; urgency=low
* New patch:
+ ucf-taboos.patch. Add common ucf files to default taboo list. Thanks
to Noah Massey.
-- Paul Martin <email address hidden> Sat, 17 Apr 2010 22:01:47 +0100
-
logrotate (3.7.8-5) unstable; urgency=low
* New patch:
+ parser571033.patch: fix the config parser to not get confused when
a wildcard produces no results. (Closes: 571033)
* Switch to dpkg-source 3.0 (quilt) format
* Bump debhelper version to 7 (dh_clean -k -> dh_prep).
* Update standards version to 3.8.4 (no changes).
-- Paul Martin <email address hidden> Sat, 20 Mar 2010 19:37:26 +0000
-
logrotate (3.7.8-4) unstable; urgency=high
* New patch:
+ security-388608.patch: A race condition in the creation of
compressed and copied log files makes it possible to overwrite
arbitrary files by generating a link or symlink during a window
of opportunity between logrotate renaming a log file and creating
the copy of the next. (Closes: #388608) Once again, many thanks to
Florian Zumbiehl for forcing me to think.
* Uploading to unstable.
-- Paul Martin <email address hidden> Fri, 14 Aug 2009 23:22:04 +0100
-
logrotate (3.7.7-5) unstable; urgency=high
* Backport patch from 3.7.8-3 (in experimental):
+ nofollow.patch: If a logfile is a symlink, it may be read when
being compressed, being copied (copy, copytruncate) or mailed.
Secure data (eg. password files) may be exposed. Thanks to
Florian Zumbiehl for getting me thinking about this one.
-- Paul Martin <email address hidden> Thu, 06 Aug 2009 16:41:26 +0100
-
logrotate (3.7.7-3) unstable; urgency=low
* Fix sharedcycles. (Closes: #512152)
-- Paul Martin <email address hidden> Sun, 18 Jan 2009 00:48:49 +0000