Summary: | <perl-core/CGI-3.510: HTTP header injection and response splitting (CVE-2010-4411) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | minor | CC: | axiator | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://openwall.com/lists/oss-security/2010/12/01/3 | ||||||
Whiteboard: | B4 [noglsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Paweł Hajdan, Jr. (RETIRED)
2011-01-14 21:19:39 UTC
Note: I'm not sure about the Gentoo package name, it might be dev-perl/Cgi-Simple :-/ Fixed in =dev-lang/perl-5.12.2-r6 =virtual/perl-CGI-3.510 =perl-core/CGI-3.510 (In reply to comment #2) > =dev-lang/perl-5.12.2-r6 > =virtual/perl-CGI-3.510 > =perl-core/CGI-3.510 Arches, please test and stabilize the above. ppc/ppc64 stable Created attachment 259925 [details] Build log On amd64 is ok, but i see: /usr/share/man/man1/pl2pm.1 /usr/share/man/man1/prove.1 /usr/share/man/man1/ptar.1 /usr/share/man/man1/ptardiff.1 no documentation in utils/cpanp-run-perl /usr/share/man/man1/cpanp.1 /usr/share/man/man1/cpan2dist.1 and installhtml: ./pod/perlhack.pod: cannot resolve L<writemain> in paragraph 125. installhtml: ./pod/perlhack.pod: cannot resolve L<Test Anything Protocol|TAP> in paragraph 455. /usr/share/man/man1/cpanp-run-perl.1 does not exist! >>> Completed installing perl-5.12.2-r6 into /tmp/portage/dev-lang/perl-5.12.2-r6/image/ What about this? amd64 done I couldn't reproduce the warnings but they don't seem serious anyway Tested on x86, all good here. (In reply to comment #7) > Tested on x86, all good here. > +1 stable x86, thanks David and Agostino Stable for HPPA. alpha/arm/ia64/m68k/s390/sh/sparc stable Thanks, everyone. GLSA Vote: yes. Thanks tove! GLSA vote: NO. GLSA vote: NO, closing [noglsa]. |