====================================================================

                             CERT-Renater

                 Note d'Information No. 2018/VULN015
_____________________________________________________________________

DATE                : 11/01/2018

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running AWStats versions prior to 7.7.

=====================================================================
https://sourceforge.net/p/awstats/news/2018/01/awstats-log-analyzer-77-has-been-released-/
_____________________________________________________________________

AWStats Log Analyzer 7.7 has been released. The package can be
downloaded from the website of the AWStats project:
http://www.awstats.org
Changes in this version are as follows :

** 7.7 **

Security fix: CVE-2017-1000501
Security fix: Missing sanitizing of parameters
Fix LogFormat=4 with url containing spaces.
Fix to window.opener vulnerability in external referral site links.
Add methodurlprot in key to define log format.
Add Dynamic DNS Lookup.
Fix edge support.

==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================