rpms/logwatch/devel logwatch-7.1-http.patch, NONE, 1.1 logwatch.spec, 1.31, 1.32

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Fri Dec 23 09:45:27 UTC 2005 

Author: varekova

Update of /cvs/dist/rpms/logwatch/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv14148

Modified Files:
	logwatch.spec 
Added Files:
	logwatch-7.1-http.patch 
Log Message:
- fix http exploits problem (bug 176324 - comment 2)



logwatch-7.1-http.patch:
 http |   26 +++++++++++++-------------
 1 files changed, 13 insertions(+), 13 deletions(-)

--- NEW FILE logwatch-7.1-http.patch ---
--- logwatch-7.1/scripts/services/http.ex	2005-10-19 07:27:21.000000000 +0200
+++ logwatch-7.1/scripts/services/http	2005-12-23 10:25:28.000000000 +0100
@@ -265,9 +265,9 @@
 my @exploits = (
    'null',
    '/\.\./\.\./\.\./',
-   '\.\./\.\./config.sys',
-   '/\.\./\.\./\.\./autoexec.bat',
-   '/\.\./\.\./windows/user.dat',
+   '\.\./\.\./config\.sys',
+   '/\.\./\.\./\.\./autoexec\.bat',
+   '/\.\./\.\./windows/user\.dat',
    '\\\x02\\\xb1',
    '\\\x04\\\x01',
    '\\\x05\\\x01',
@@ -284,18 +284,18 @@
    '\/c\+dir\+c',
    '\.htpasswd',
    'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',
-   'author.exe',
-   'boot.ini',
-   'cmd.exe',
+   'author\.exe',
+   'boot\.ini',
+   'cmd\.exe',
    'c%20dir%20c',
-   'default.ida',
-   'fp30reg.dll',
-   'httpodbc.dll',
-   'nsiislog.dll',
+   'default\.ida',
+   'fp30reg\.dll',
+   'httpodbc\.dll',
+   'nsiislog\.dll',
    'passwd$',
-   'root.exe',
-   'shtml.exe',
-   'win.ini',
+   'root\.exe',
+   'shtml\.exe',
+   'win\.ini',
    'xxxxxxxxxxxxxxxxxxxxxx',
 );
 


Index: logwatch.spec
===================================================================
RCS file: /cvs/dist/rpms/logwatch/devel/logwatch.spec,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- logwatch.spec	9 Dec 2005 22:41:49 -0000	1.31
+++ logwatch.spec	23 Dec 2005 09:45:24 -0000	1.32
@@ -1,7 +1,7 @@
 Summary: A log file analysis program.
 Name: logwatch
 Version: 7.1
-Release: 4.1
+Release: 5
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
@@ -14,6 +14,7 @@
 Patch6: logwatch-7.1-secure.patch
 Patch7: logwatch-7.1-iptables.patch
 Patch8: logwatch-7.1-audit.patch
+Patch9: logwatch-7.1-http.patch
 
 Requires: textutils sh-utils grep mailx
 BuildRoot: %{_tmppath}/logwatch-build
@@ -35,6 +36,7 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 
 %install
 
@@ -136,6 +138,9 @@
 %doc License project/CHANGES project/TODO
 
 %changelog
+* Fri Dec 23 2005 Ivana Varekova <varekova at redhat.com> 7.1-5
+- fix http exploits problem (bug 176324 - comment 2)
+
 * Fri Dec 09 2005 Jesse Keating <jkeating at redhat.com>
 - rebuilt

More information about the fedora-cvs-commits mailing list