Bug#574067: CVE-2010-0044 cookie weakness
Michael Gilbert
michael.s.gilbert at gmail.com
Tue Mar 16 02:39:21 UTC 2010
Package: libpoe-component-pubsub-perl
Version: 0.05-1
Severity: normal
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for safari. I'm not sure if their version of pubsub relates
to this package, but it should be checked. If it does not, please
close the bug. Thanks.
CVE-2010-0044[0]:
| PubSub in Apple Safari before 4.0.5 does not properly implement use of
| the Accept Cookies preference to block cookies, which makes it easier
| for remote web servers to track users by setting a cookie in a (1) RSS
| or (2) Atom feed.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0044
http://security-tracker.debian.org/tracker/CVE-2010-0044
More information about the pkg-perl-maintainers
mailing list