Bug#702914: libnet-server-perl: CVE-2013-1841: Improper reverse DNS matching check for the given hostname

Petter Reinholdtsen pere at hungry.com
Thu May 28 10:43:37 BST 2020


Control: found -1 2.007-1

As far as I can tell from the rt.cpan.org tracking site, this issue
was present in version 2.007.  Since then a new version 2.008 and 2.009
has been released.  Anyone know if the issue was fixed in any of those?

The upstream revision log state this:

2.009  Aug 09 2017
        - Several long awaited fixes
        - Log when a child exits abnormally. RT #86815
        - Added delete-child hook
        - Add cleanup_dead_child_hook to PreFork server
        - Removed stray warn
        - Use File::Temp instead of POSIX::tmpnam
        - UNIX read_until to allow for SSL under unix sockets

2.008  May 12 2014
        - Long awaited patch for the IO::Socket::SSL default verify mode bug
        - Add Time::HiRes as a dep
        - Update to new github hosted repository with all legacy code imported
        - Beginnings of change to dzil based releases
        - There are several dozen outstanding bugs that will be addressed in
          the next release

-- 
Happy hacking
Petter Reinholdtsen



More information about the pkg-perl-maintainers mailing list