Bug#661536: libdbd-pg-perl: FTBFS with hardening flags enabled: -Werror=format-security

Niko Tyni ntyni at debian.org
Sat Mar 10 07:07:56 UTC 2012


retitle 661536 libdbd-pg-perl: CVE-2012-1151: Format string vulnerabilities in server error parsing
thanks

On Fri, Mar 09, 2012 at 08:33:32AM +0200, Niko Tyni wrote:
> forwarded 661536 https://rt.cpan.org/Public/Bug/Display.html?id=75642
> severity 661536 grave
> tag 661536 security patch
> found 661536 2.17.1-2
> thanks
> 
> On Mon, Feb 27, 2012 at 09:31:31PM +0000, Dominic Hargreaves wrote:
> > Source: libdbd-pg-perl
> > Severity: normal
> > Version: 2.18.1-1
> > 
> > With hardening flags enabled, this package FTBFS:
 
> These format strings can be injected by a malicious server,
> so raising the severity. A DSA will be issued for squeeze.

This is CVE-2012-1151.

http://seclists.org/oss-sec/2012/q1/609
-- 
Niko Tyni   ntyni at debian.org
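
The bug class behind the retitle, as an added example that is not part of the original message and is not DBD::Pg's code: -Wformat-security flags a printf-style call whose format argument is not a string literal and has no further arguments, which is exploitable when that argument is text sent by the server. `report_error`, `count_directives` and `handle_server_error` are hypothetical names, and the sample message is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char last_error[256];

/* Hypothetical printf-style reporter; the attribute lets the compiler
 * check every call site's format argument. */
static int report_error(const char *fmt, ...)
    __attribute__((format(printf, 1, 2)));

static int report_error(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(last_error, sizeof last_error, fmt, ap);
    va_end(ap);
    return n;
}

/* Count conversion directives in untrusted text ("%%" is a literal
 * percent sign). A non-zero count in a server error message is worth
 * logging: legitimate error text rarely carries printf directives. */
static int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0')
            n++;
    }
    return n;
}

/* Hardened call site: the server's text is passed as data.
 * The form that fails with -Werror=format-security would be
 *     report_error(server_msg);
 * where any directives in server_msg are interpreted. */
static const char *handle_server_error(const char *server_msg)
{
    report_error("%s", server_msg);
    return last_error;
}

int main(void)
{
    const char *msg = "ERROR: relation %s%s%n does not exist"; /* constructed */
    printf("%d directives, stored as: %s\n",
           count_directives(msg), handle_server_error(msg));
    return 0;
}
```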





More information about the pkg-perl-maintainers mailing list