LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2008-10962 (awstats)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 9 Update: awstats-6.8-3.fc9


Date:
    	      Mon, 08 Dec 2008 13:06:27 +0000


Message-ID:
    	      <20081208130628.0D39420896E@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-10962
2008-12-08 11:44:37
--------------------------------------------------------------------------------

Name        : awstats
Product     : Fedora 9
Version     : 6.8
Release     : 3.fc9
URL         : http://awstats.sourceforge.net
Summary     : Advanced Web Statistics
Description :
Advanced Web Statistics is a powerful and featureful tool that generates
advanced web server graphic statistics. This server log analyzer works
from command line or as a CGI and shows you all information your log contains,
in graphical web pages. It can analyze a lot of web/wap/proxy servers like
Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or ftp servers.

This program can measure visits, unique vistors, authenticated users, pages,
domains/countries, OS busiest times, robot visits, type of files, search
engines/keywords used, visits duration, HTTP errors and more...
Statistics can be updated from a browser or your scheduler.
The program also supports virtual servers, plugins and a lot of features.

With the default configuration, the statistics are available:
http://localhost/awstats/awstats.pl

--------------------------------------------------------------------------------
Update Information:

Use Debian's patch for CVE-2008-3714 (rh#474396)
--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec  6 2008 Aurelien Bompard <abompard@fedoraproject.org> 6.8-3
- Use Debian's patch for CVE-2008-3714 (rh#474396)
* Sat Aug 23 2008 Aurelien Bompard <abompard@fedoraproject.org> 6.8-2
- Add upstream patch for CVE-2008-3714
* Mon Jul 21 2008 Aurelien Bompard <abompard@fedoraproject.org> 6.8-1
- version 6.8
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #474396 - CVE-2008-5080 awstats: incomplete fix for CVE-2008-3714 XSS issue
        https://bugzilla.redhat.com/show_bug.cgi?id=474396
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update awstats' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds