[Secure-testing-team] Bug#606370: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
Moritz Muehlenhoff
jmm at debian.org
Wed Dec 8 18:47:18 UTC 2010
Package: libcgi-pm-perl
Version: 3.49-1
Severity: grave
Tags: security
Three security issues have been reported in libcgi-pm-perl:
http://security-tracker.debian.org/tracker/CVE-2010-2761
http://security-tracker.debian.org/tracker/CVE-2010-4410
http://security-tracker.debian.org/tracker/CVE-2010-4411
The first two issues are fixed in 3.50 (already in sid), but
the second is still pending a final fix (see the referenced
link). Please get in touch with the release team to check,
whether migrating 3.50 plus the fix for CVE-2010-4411 or
uploading a tpu fix with 3.49 plus the security fixes is the
best way to resolve this.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
More information about the Secure-testing-team
mailing list