Bug#607479: libfcgi-perl/CVE-2011-2766 authentication bypass
Moritz Muehlenhoff
jmm at inutil.org
Fri Oct 14 15:54:44 UTC 2011
On Wed, Oct 12, 2011 at 12:03:50PM +0300, Damyan Ivanov wrote:
> > Hello Damyan, are you planning to do this or do you need someone
> > else to take over? IMO this one warrants a DSA.
>
> Thanks for the nudge. I have pushed the squeeze branch of
> http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libfcgi-perl.git;a=summary
> with the changes so others can take over for the actual uploading if I am away.
>
> The squeeze version still has Vcs-Svn in its control file. Would it be
> acceptable to change that too?
Yes. Please upload to security-master. Note that it needs to be build
with "-sa", since libfcgi-perl is new in stable-security.
Cheers,
Moritz
More information about the pkg-perl-maintainers
mailing list