Closed Beuc closed 3 years ago
It's probably CVE-2020-29600 / CVE-2020-35176 (config
parameter) that are related to CVE-2017-1000501 that was deemed to be incomplete.
I believe this is a just a bad git-log import. I opened this issue to clarify, but it is now causing more confusion, so let's close this.
Hi,
Looking at: https://www.awstats.org/docs/awstats_changelog.txt I see for 7.8 (second-to-last entry):
Is this a new vulnerability fixed in 7.8? Or is this a wrong copy/paste from 06c0ab29c1e5059d9e0279c6b64d573d619e1651 (of CVE-2017-1000501 / 7.7 )? Or is this a reference to #90 and its complementary fix?
Thanks for your work on awstats.