---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2006-178989
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178989
2006-02-20
---------------------------------------------------------------------

Name        : perl-DBI
Versions    : rh73: perl-DBI-1.21-1.1.legacy
Versions    : rh9: perl-DBI-1.32-5.1.legacy
Versions    : fc1: perl-DBI-1.37-1.1.legacy
Versions    : fc2: perl-DBI-1.40-4.1.legacy
Summary     : A database access API for Perl.
Description :
DBI is a database access Application Programming Interface (API) for
the Perl programming language. The DBI API specification defines a set
of functions, variables and conventions that provide a consistent
database interface independent of the actual database being used.

---------------------------------------------------------------------
Update Information:

An updated perl-DBI package that fixes a temporary file flaw in
DBI::ProxyServer is now available.

DBI is a database access Application Programming Interface (API) for
the Perl programming language.

The Debian Security Audit Project discovered that the DBI library
creates a temporary PID file in an insecure manner. A local user could
overwrite or create files as a different user who happens to run an
application which uses DBI::ProxyServer. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to
this issue.

Users should update to this erratum package which disables the temporary
PID file unless configured.

---------------------------------------------------------------------
Changelogs

rh73:
* Sat Feb 18 2006 Marc Deslauriers <[EMAIL PROTECTED]>
1.21-1.1.legacy
- Added fix for CVE-2005-0077

rh9:
* Sat Feb 18 2006 Marc Deslauriers <[EMAIL PROTECTED]>
1.32-5.1.legacy
- Added fix for CVE-2005-0077

fc1:
* Sat Feb 18 2006 Marc Deslauriers <[EMAIL PROTECTED]>
1.37-1.1.legacy
- Added fix for CVE-2005-0077

fc2:
* Sat Feb 18 2006 Marc Deslauriers <[EMAIL PROTECTED]>
1.40-4.1.legacy
- Added fix for CVE-2005-0077

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

rh73:
847cb03e61abf1bbb965b2fa6e7c0f812e7edde1
redhat/7.3/updates-testing/i386/perl-DBI-1.21-1.1.legacy.i386.rpm
7c0c13670d8da3620d6bdc0d24f96201ff3feee8
redhat/7.3/updates-testing/SRPMS/perl-DBI-1.21-1.1.legacy.src.rpm

rh9:
2e473b5822a019a10b7b9577f4de60933e75fecc
redhat/9/updates-testing/i386/perl-DBI-1.32-5.1.legacy.i386.rpm
19934b803bf33b0cc93466ae43e2ac14302ac0df
redhat/9/updates-testing/SRPMS/perl-DBI-1.32-5.1.legacy.src.rpm

fc1:
50a02fd2d68f47d35f76bc690281253bbdf9a486
fedora/1/updates-testing/i386/perl-DBI-1.37-1.1.legacy.i386.rpm
0018ffba083fd98b88a4bcec3383005ed32d5e6a
fedora/1/updates-testing/SRPMS/perl-DBI-1.37-1.1.legacy.src.rpm

fc2:
69a623c7db409341705bfc125b5fd6f0c056af7b
fedora/2/updates-testing/i386/perl-DBI-1.40-4.1.legacy.i386.rpm
4443111b0e9137bd1624183b9d209b2cada204dd
fedora/2/updates-testing/SRPMS/perl-DBI-1.40-4.1.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.

Attachment: signature.asc
Description: OpenPGP digital signature

--
fedora-legacy-list mailing list
fedora-legacy-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

Reply via email to