Overview
logrotate: Multiple security fixes

This update for logrotate provides the following fixes:

* The shred_file function in logrotate might allow
context-dependent attackers to execute arbitrary commands
via shell metacharacters in a log filename, as
demonstrated by a filename that is automatically
constructed on the basis of a hostname or virtual machine
name (CVE-2011-1154) (bnc#679661)

* Race condition in the createOutputFile function in
logrotate allows local users to read log data by opening
a file before the intended permissions are in place
(CVE-2011-1098) (bnc#677336)

* The writeState function in logrotate might allow
context-dependent attackers to cause a denial of service
(rotation outage) via a (1) \n (newline) or (2) \
(backslash) character in a log filename, as demonstrated
by a filename that is automatically constructed on the
basis of a hostname or virtual machine name
(CVE-2011-1155) (bnc#679662)

Fixed bugs
bnc#677336
VUL-1: logrotate: information disclosure
bnc#679661
VUL-0: logrotate: shell command injection via shred option
bnc#679662
VUL-1: logrotate: DoS via crafted log file name
CVE#CVE-2011-1154
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the
CVE#CVE-2011-1155
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) n (newline) or (2) (backslash) character in a log filename, as demonstrated by a file
CVE#CVE-2011-1098
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
Selected Binaries
openSUSE Build Service is sponsored by
Places