Bug#359232: libcrypt-cbc-perl security update broken.
Jonathan McDowell
noodles at earth.li
Mon Mar 27 12:17:01 UTC 2006
Package: libcrypt-cbc-perl
Severity: grave
Version: 2.12-1sarge1
The security update of libcrypt-cbc-perl to 2.12-1sarge1 causes
breakage; when the upgrade is applied I see the following errors:
Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Crypt/CBC.pm line 240, <GEN0> line 4.
Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Crypt/CBC.pm line 240, <GEN0> line 4.
Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Crypt/CBC.pm line 171, <GEN0> line 4.
This is using the module with libopensrs-perl (backported to sarge) and
causes the authentication to OpenSRS to fail. Downgrading to 2.12-1
fixes things.
I'll try to do some more investigation later if I have time; apologies
for the limited details here.
J.
--
Counselor, can I, uh, use your | .''`. Debian GNU/Linux Developer
com-badge? - Riker | : :' : Happy to accept PGP signed
| `. `' or encrypted mail - RSA +
| `- DSA keys on the keyservers.
More information about the pkg-perl-maintainers
mailing list