Gentoo Linux Security Advisory 201203-20 - A vulnerability in Logwatch might allow remote attackers to execute arbitrary code. Versions less than 7.4.0 are affected.
2857d0863456f791c8117b5d6179a722b3f16f159232cab236f84eb3e5883240
Ubuntu Security Notice 1078-1 - Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames (for example, via Samba logging), they could execute arbitrary code with root privileges.
0f547aa43b22177b3cdef403c9b0e44b89e5196125c31c09f67ed05eff3feaf3