[SRM] perl lenny upload (CVE-2010-2761 CVE-2010-4410 CVE-2010-4411 CVE-2010-1974)

Adam D. Barratt adam at adam-barratt.org.uk
Mon Jan 17 13:11:45 UTC 2011


On Mon, January 17, 2011 11:09, Niko Tyni wrote:
> On Sun, Jan 16, 2011 at 10:05:59PM +0000, Adam D. Barratt wrote:
>> On Sat, 2011-01-15 at 21:51 +0200, Niko Tyni wrote:
>> > On Fri, Jan 14, 2011 at 09:28:09AM +0200, Niko Tyni wrote:
>> > > I'll try to get a perl lenny upload (#606995) in stable NEW by
>> Monday.
>> [...]
>> >  perl (5.10.0-19lenny3) stable; urgency=low
>> >  .
>> >    * [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411:
>> >      fix CGI.pm MIME boundary and multiline header vulnerabilities.
>> >      (Closes: #606995)
>> >    * [SECURITY] CVE-2010-1974: Update to Safe-2.25, fixing code
>> injection
>> >      and execution vulnerabilities. (Closes: #582978)
>
>> Based on your testing, including both patches will be fine.  Thanks for
>> working on this.
>
> Thanks, uploaded (with a fixed CVE id for the Safe.pm issue.)

Flagged for acceptance at the next dinstall.

Regards,

Adam





More information about the Perl-maintainers mailing list