tag 606370 + patch tag 606995 + patch thanks On Mon, 27 Dec 2010 16:23:40 +0200, Niko Tyni wrote:
> > > > > http://security-tracker.debian.org/tracker/CVE-2010-2761 > > > > > http://security-tracker.debian.org/tracker/CVE-2010-4410 > > > > > http://security-tracker.debian.org/tracker/CVE-2010-4411 > > > > I'm not quite sure yet what CVE-2010-4411 refers to. It seems that the > > > > fix for CVE-2010-2761 was not complete, but it is not a different, new > > > > issue? > > > > https://github.com/markstos/CGI.pm/commit/77b3b2056c003edee034a2a890212edab800900d Thanks for digging this out; I was looking a few times and never understood CVE-2010-4411 ... > Assuming this is the case, I'm attaching preliminary patches for Thanks! > I haven't looked at libcgi-simple-perl at all. I think Damyan has started to look at it. Cheers, gregor -- .''`. http://info.comodo.priv.at/ -- GPG key IDs: 0x8649AA06, 0x00F3CFE4 : :' : Debian GNU/Linux user, admin, & developer - http://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of Free Software Foundation Europe `- NP: Beatles
signature.asc
Description: Digital signature