[Pkg-awstats-devel] awstats on etch
Andreas Henriksson
andreas at fatal.se
Fri Jan 9 17:43:11 UTC 2009
On fre, 2009-01-09 at 16:48 +0100, TommyBlue wrote:
> Hi,
> i'd like to use awstats on etch, but the 6.5 version has ad exploit:
> http://www.milw0rm.com/exploits/1755
>
Seems like you are talking about CVE-2006-2237, see:
http://www.debian.org/security/2006/dsa-1058
> is the etch version affected?
Looking at the version number in the above dsa; All versions ever
shipped with Etch should have this security fix already. (Additional
fixes has later been shipped in updated packages for Etch.)
As a general note, all packages in debian stable (or like now when
testing is frozen) gets fixed by a patch rather then shipping a new
upstream release (which might have other changes as well and has a
bigger risk of introducing regressions).
--
Regards,
Andreas Henriksson
More information about the Pkg-awstats-devel
mailing list