Control: tags -1 + confirmed On Thu, 2020-10-29 at 07:43 +0100, Xavier Guimard wrote: > libdbi-perl is still vulnerable to CVE-2014-10401: DBD::File drivers > can open files from folders other than those specifically passed via > the f_dir attribute.
+ * lib/DBD/File.pm: fix CVE-2014-10401 (Closes: #972180) That bug report claims to be related to CVE-2014-1040*2*, which is the result of an incomplete initial fix for CVE-2014-10401. That seems worth clarifying, but in any case please go ahead. Regards, Adam