---------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-576
2007-06-11
---------------------------------------------------------------------Product     : Fedora Core 5
Name        : mod_perl
Version     : 2.0.2
Release     : 5.2.fc5
Summary     : An embedded Perl interpreter for the Apache Web server
Description :
Mod_perl incorporates a Perl interpreter into the Apache web server,
so that the Apache web server can directly execute Perl code.
Mod_perl links the Perl runtime library into the Apache web server and
provides an object-oriented Perl interface for Apache's C language
API.  The end result is a quicker CGI script turnaround process, since
no external Perl interpreter has to be started.

Install mod_perl if you're installing the Apache web server and you'd
like for it to directly incorporate a Perl interpreter.

---------------------------------------------------------------------Update Information:

This update fixes a security issue in mod_perl.

An issue was found in the "namespace_from_uri" method of the
ModPerl::RegistryCooker class. If a server implemented a
mod_perl registry module using this method, a remote
attacker requesting a carefully crafted URI can cause
resource consumption, which could lead to a denial of
service. (CVE-2007-1349)
---------------------------------------------------------------------* Fri Jun  8 2007 Joe Orton  2.0.2-5.2.fc5
- add security fix for CVE-2007-1349
- drop perl(warnings) provide (#228429) 
- drop perl(HTTP::Request::Common) provide

---------------------------------------------------------------------This update can be downloaded from:
    
1b92c1ea6bd0f91f41ec010ecb55804c551afd74  SRPMS/mod_perl-2.0.2-5.2.fc5.src.rpm
1b92c1ea6bd0f91f41ec010ecb55804c551afd74  noarch/mod_perl-2.0.2-5.2.fc5.src.rpm
c29bde551de3e22168d7ec13270632980ab35db7  ppc/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.ppc.rpm
f66643fd198d576dec55ed72617b019a171ab1f6  ppc/mod_perl-devel-2.0.2-5.2.fc5.ppc.rpm
56dba75ca6a4f68116c9803e21996b7e3c7e4a9a  ppc/mod_perl-2.0.2-5.2.fc5.ppc.rpm
9bf9a6e3ee0e700da174cca618e30ac84b5ec4e2  x86_64/mod_perl-devel-2.0.2-5.2.fc5.x86_64.rpm
b3ab3711356698f8aa9d626c25f78edbe0d3190a  x86_64/mod_perl-2.0.2-5.2.fc5.x86_64.rpm
b3801f05e3ec4e061b5ac70ecf958fbdfd61fbeb  x86_64/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.x86_64.rpm
d59cb0f72b48b7e5a28e4ad4d6d7469aed05d12c  i386/mod_perl-devel-2.0.2-5.2.fc5.i386.rpm
4fd5523eee7cfea55321c6630be82e9bce971b88  i386/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.i386.rpm
d41ac0744c6a69d7266accd3a6336d9861bebd4b  i386/mod_perl-2.0.2-5.2.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
---------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora Core 5 Update: mod_perl-2.0.2-5.2.fc5

June 11, 2007
This update fixes a security issue in mod_perl. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class

Summary

Mod_perl incorporates a Perl interpreter into the Apache web server,

so that the Apache web server can directly execute Perl code.

Mod_perl links the Perl runtime library into the Apache web server and

provides an object-oriented Perl interface for Apache's C language

API. The end result is a quicker CGI script turnaround process, since

no external Perl interpreter has to be started.

Install mod_perl if you're installing the Apache web server and you'd

like for it to directly incorporate a Perl interpreter.

This update fixes a security issue in mod_perl.

An issue was found in the "namespace_from_uri" method of the

ModPerl::RegistryCooker class. If a server implemented a

mod_perl registry module using this method, a remote

attacker requesting a carefully crafted URI can cause

resource consumption, which could lead to a denial of

service. (CVE-2007-1349)

- add security fix for CVE-2007-1349

- drop perl(warnings) provide (#228429)

- drop perl(HTTP::Request::Common) provide

1b92c1ea6bd0f91f41ec010ecb55804c551afd74 SRPMS/mod_perl-2.0.2-5.2.fc5.src.rpm

1b92c1ea6bd0f91f41ec010ecb55804c551afd74 noarch/mod_perl-2.0.2-5.2.fc5.src.rpm

c29bde551de3e22168d7ec13270632980ab35db7 ppc/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.ppc.rpm

f66643fd198d576dec55ed72617b019a171ab1f6 ppc/mod_perl-devel-2.0.2-5.2.fc5.ppc.rpm

56dba75ca6a4f68116c9803e21996b7e3c7e4a9a ppc/mod_perl-2.0.2-5.2.fc5.ppc.rpm

9bf9a6e3ee0e700da174cca618e30ac84b5ec4e2 x86_64/mod_perl-devel-2.0.2-5.2.fc5.x86_64.rpm

b3ab3711356698f8aa9d626c25f78edbe0d3190a x86_64/mod_perl-2.0.2-5.2.fc5.x86_64.rpm

b3801f05e3ec4e061b5ac70ecf958fbdfd61fbeb x86_64/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.x86_64.rpm

d59cb0f72b48b7e5a28e4ad4d6d7469aed05d12c i386/mod_perl-devel-2.0.2-5.2.fc5.i386.rpm

4fd5523eee7cfea55321c6630be82e9bce971b88 i386/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.i386.rpm

d41ac0744c6a69d7266accd3a6336d9861bebd4b i386/mod_perl-2.0.2-5.2.fc5.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-576 2007-06-11 Name : mod_perl Version : 2.0.2 Release : 5.2.fc5 Summary : An embedded Perl interpreter for the Apache Web server Description : Mod_perl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Mod_perl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quicker CGI script turnaround process, since no external Perl interpreter has to be started. Install mod_perl if you're installing the Apache web server and you'd like for it to directly incorporate a Perl interpreter. This update fixes a security issue in mod_perl. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service. (CVE-2007-1349) - add security fix for CVE-2007-1349 - drop perl(warnings) provide (#228429) - drop perl(HTTP::Request::Common) provide 1b92c1ea6bd0f91f41ec010ecb55804c551afd74 SRPMS/mod_perl-2.0.2-5.2.fc5.src.rpm 1b92c1ea6bd0f91f41ec010ecb55804c551afd74 noarch/mod_perl-2.0.2-5.2.fc5.src.rpm c29bde551de3e22168d7ec13270632980ab35db7 ppc/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.ppc.rpm f66643fd198d576dec55ed72617b019a171ab1f6 ppc/mod_perl-devel-2.0.2-5.2.fc5.ppc.rpm 56dba75ca6a4f68116c9803e21996b7e3c7e4a9a ppc/mod_perl-2.0.2-5.2.fc5.ppc.rpm 9bf9a6e3ee0e700da174cca618e30ac84b5ec4e2 x86_64/mod_perl-devel-2.0.2-5.2.fc5.x86_64.rpm b3ab3711356698f8aa9d626c25f78edbe0d3190a x86_64/mod_perl-2.0.2-5.2.fc5.x86_64.rpm b3801f05e3ec4e061b5ac70ecf958fbdfd61fbeb x86_64/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.x86_64.rpm d59cb0f72b48b7e5a28e4ad4d6d7469aed05d12c i386/mod_perl-devel-2.0.2-5.2.fc5.i386.rpm 4fd5523eee7cfea55321c6630be82e9bce971b88 i386/debug/mod_perl-debuginfo-2.0.2-5.2.fc5.i386.rpm d41ac0744c6a69d7266accd3a6336d9861bebd4b i386/mod_perl-2.0.2-5.2.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Name : mod_perl
Version : 2.0.2
Release : 5.2.fc5
Summary : An embedded Perl interpreter for the Apache Web server

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved