[Pkg-monitoring-maintainers] Bug#760372: loganalyzer: CVE-2014-6070
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 3 11:04:37 UTC 2014
Source: loganalyzer
Version: 3.6.5+dfsg-7
Severity: important
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for loganalyzer. But I was
not yet able to verify the vulnerability, but it is said to be fixed
in 3.6.6 upstream.
CVE-2014-6070[0]:
Syslog LogAnalyzer persistent XSS injection
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2014-6070
[1] http://seclists.org/fulldisclosure/2014/Sep/17
[2] http://loganalyzer.adiscon.com/downloads/
Regards,
Salvatore
More information about the Pkg-monitoring-maintainers
mailing list