[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1PIPdQ-0003uY-Pd@titan.mandriva.com>
Date: Tue, 16 Nov 2010 18:48:00 +0100
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2010:237 ] perl-CGI
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:237
http://www.mandriva.com/security/
_______________________________________________________________________
Package : perl-CGI
Date : November 16, 2010
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A new version of the CGI Perl module has been released to CPAN,
which fixes several security bugs which directly affect Bugzilla
(these two security bugs where first discovered as affecting Bugzilla,
then identified as being bugs in CGI.pm itself).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been upgraded to perl-CGI 3.50 to solve
these security issues.
_______________________________________________________________________
References:
http://www.bugzilla.org/security/3.2.8/
http://www.nntp.perl.org/group/perl.perl5.changes/2010/11/msg28043.html
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
54cece3ad5ca0d9a605acb06b4712dbe 2009.0/i586/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
b1973045ea14cf9a8b1dc83ac8a4fde6 2009.0/i586/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm
62127170b0a14878ce3abbe005cab32a 2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
2037517b54e8d66f0723def93e517a98 2009.0/x86_64/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
6d973b61b591423cc5a6cefc45e79246 2009.0/x86_64/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm
62127170b0a14878ce3abbe005cab32a 2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm
Mandriva Linux 2010.0:
9ce05f7633402cb6a4034c6904b2b1c8 2010.0/i586/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
89d297ceeceaec673712990953d69c55 2010.0/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm
cf30d84a555bb43eec281632224fdebc 2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
49ed79c77ef68d48764265f25e628720 2010.0/x86_64/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
df6034c9f43698c09e2c39b7f74b97c7 2010.0/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm
cf30d84a555bb43eec281632224fdebc 2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.1:
aa106446efb83bb806133032ee27d8ed 2010.1/i586/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
1cfde3769b9b04fc9c80eac20c8d52db 2010.1/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm
687a844f7fc927d1c00c963d4339b2fe 2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64:
b12af6b51121538c51243fd9dcd24262 2010.1/x86_64/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
8638143729dea17fc546677d1e9ebae0 2010.1/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm
687a844f7fc927d1c00c963d4339b2fe 2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm
Corporate 4.0:
56b0deb154ab35a724a8b7d3f6c95fac corporate/4.0/i586/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
ff3f4ac61aa4586b956d328a923cc179 corporate/4.0/i586/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm
ba49f7da52a13223ac83910dd849f794 corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
50945ecb0af6e4a8c60a8440f75603ee corporate/4.0/x86_64/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
0c778aebfef45e4387b43b83769e61a3 corporate/4.0/x86_64/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm
ba49f7da52a13223ac83910dd849f794 corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
a2a125c0033735e3ca343f2fae5fa963 mes5/i586/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
83befd3d04dbb1cbfe7f2cc80ac2ab68 mes5/i586/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm
68570870b628412f0c5597b5dca0dc7c mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
b3529e11d2034fc58fa661824d89bda0 mes5/x86_64/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
31b335a4ff312e234cf74775d0025826 mes5/x86_64/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm
68570870b628412f0c5597b5dca0dc7c mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFM4pNpmqjQ0CJFipgRAmtrAKCTIC+iX+1dOrrpyEyhICQgIsUlSgCglsGg
+63HCTLteKPvspFlPbqx2Lk=
=RIbC
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists