Bug#702821: libapache2-mod-perl2: FTBFS: the CVE-2013-1667 fix breaks t/perl/hash_attack.t
Dominic Hargreaves
dom at earth.li
Fri Mar 15 23:33:55 UTC 2013
On Tue, Mar 12, 2013 at 01:07:37PM +0100, Thijs Kinkhorst wrote:
> On Mon, March 11, 2013 21:47, Niko Tyni wrote:
> > Cc'ing the security team. Once we have a fix, I suppose we'll need to
> > fix libapache2-mod-perl2 via stable-security?
>
> Yes please.
Hi security team,
Forgot to include you in my last update, but: there is a working fix
now in git
http://anonscm.debian.org/gitweb/?p=pkg-perl/packages/libapache2-mod-perl2.git;a=shortlog;h=refs/heads/squeeze
You can see some dialogue about the correctness of the patches in the
bug log.
May I upload this to squeeze-security?
Cheers,
Dominic.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
More information about the pkg-perl-maintainers
mailing list