Bug#552531: libhtml-parser-perl: decode_entities confused by trailing incomplete entity can lead to DoS attacks
Salvatore Bonaccorso
salvatore.bonaccorso at gmail.com
Tue Oct 27 21:02:21 UTC 2009
Hi
I have now prepared and updated the patch for the version in lenny,
attached to this mail is the debdiff to the current version in stable.
Security Team, could you review the changes? If you agree, how to to
proceed? (Note: I cannot upload it then by myself since I'm not yet a
DD).
Bests
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: debdiff_libhtml-parser-perl_3.56-1_3.5.6-1+lenny1.diff
Type: text/x-diff
Size: 5163 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20091027/69975972/attachment-0001.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20091027/69975972/attachment-0001.pgp>
More information about the pkg-perl-maintainers
mailing list