Bug#631529: Missing fix for CVE-2010-1447
Dominic Hargreaves
dom at earth.li
Sat Jun 25 11:09:03 UTC 2011
On Fri, Jun 24, 2011 at 06:56:40PM +0200, Moritz Muehlenhoff wrote:
> Package: perl
> Severity: grave
> Tags: security
>
> Hi Perl maintainers,
> it turns out that CVE-2010-1447 is still missing in Lenny and
> Squeeze. It was originally attributed to Postgres, but it
> was later found out that Perl is affected as well.
>
> The attached patch is still needed in both Lenny and Squeeze.
Thanks for pointing this out. I'll verify the patch and prepare packages;
do you want them uploaded to security-master ASAP?
Cheers,
Dominic.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
More information about the Perl-maintainers
mailing list