Patchwork [0/1] logrotate: fix for CVE-2011-1548

mail settings
Date June 18, 2013, 2:28 a.m.
Message ID <>
Download mbox
Permalink /patch/51867/
State New
Headers show


git:// wenzong/logrotate

Comments - June 18, 2013, 2:28 a.m.
From: Wenzong Fan <>

If a logfile is a symlink, it may be read when being compressed, being
copied (copy, copytruncate) or mailed. Secure data (eg. password files)
may be exposed.
Portback nofollow.patch from:

The following changes since commit 1dd643b142c69ac9035e29bff11d02201638dc65:

  licences: Add SGI license (2013-06-17 16:45:37 +0100)

are available in the git repository at:

  git:// wenzong/logrotate

Wenzong Fan (1):
  logrotate: fix for CVE-2011-1548

 .../logrotate-3.8.1/logrotate-CVE-2011-1548.patch  |   43 ++++++++++++++++++++
 meta/recipes-extended/logrotate/ |    1 +
 2 files changed, 44 insertions(+)
 create mode 100644 meta/recipes-extended/logrotate/logrotate-3.8.1/logrotate-CVE-2011-1548.patch