This update fixes remote code execution vulnerabilities in the WWW statistical analyzer awstats.
Please install the update packages. Some workarounds are: - Deinstall awstats if you do not need it. - Protect the awstats CGI by normal web access protection methods so that only authorized users can access it.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.1 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
openSUSE | 10.1 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
openSUSE | 9.3 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
openSUSE | 9.2 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |
openSUSE | 10.0 | noarch | awstats | < 6.6-0.1 | awstats-6.6-0.1.noarch.rpm |