[Mageia-dev] [RPM] cauldron core/release logrotate-3.8.0-1.mga2
nicolas vigier
boklm at mars-attacks.org
Wed Jul 6 11:29:56 CEST 2011
On Wed, 06 Jul 2011, Ahmad Samir wrote:
> On 4 July 2011 08:25, Mageia Team <buildsystem-daemon at mageia.org> wrote:
> > Name : logrotate Relocations: (not relocatable)
> > Version : 3.8.0 Vendor: Mageia.Org
> > Release : 1.mga2 Build Date: Mon Jul 4 08:24:04 2011
> > Install Date: (not installed) Build Host: ecosse
> > Group : File tools Source RPM: (none)
> > Size : 55428 License: GPLv2
> > Signature : (none)
> > Packager : Mageia Team <http://www.mageia.org>
> > URL : https://fedorahosted.org/logrotate/
> > Summary : Rotates, compresses, removes and mails system log files
> > Description :
> > The logrotate utility is designed to simplify the administration of
> > log files on a system which generates a lot of log files. Logrotate
> > allows for the automatic rotation compression, removal and mailing of
> > log files. Logrotate can be set to handle a log file daily, weekly,
> > monthly or when the log file gets to a certain size. Normally,
> > logrotate runs as a daily cron job.
> >
> > Install the logrotate package if you need a utility to deal with the
> > log files on your system.
> >
> > ahmad <ahmad> 3.8.0-1.mga2:
> > + Revision: 117993
> > - Update to 3.8.0, fixes:
> > CVE-2011-1098
> > CVE-2011-1154
> > CVE-2011-1155
> > - Drop patch0, fixed upstream
> > - Add BR acl-devel and compile with WITH_ACL
> > - Put 'make test' in a %check section
>
> FWIW, I couldn't extract the commits from upstream SVN[1] that fixed
> those three CVE's (the upstream svn log isn't that clear to me..), so
> I can't backport the fixes to mga1.
There are patchs on redhat bugzilla.
CVE-2011-1098:
https://bugzilla.redhat.com/show_bug.cgi?id=680798
CVE-2011-1154:
https://bugzilla.redhat.com/show_bug.cgi?id=680796
CVE-2011-1155:
https://bugzilla.redhat.com/show_bug.cgi?id=680797
More information about the Mageia-dev
mailing list