---------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-577
2007-06-11
---------------------------------------------------------------------Product     : Fedora Core 6
Name        : mod_perl
Version     : 2.0.2
Release     : 6.2.fc6
Summary     : An embedded Perl interpreter for the Apache Web server
Description :
Mod_perl incorporates a Perl interpreter into the Apache web server,
so that the Apache web server can directly execute Perl code.
Mod_perl links the Perl runtime library into the Apache web server and
provides an object-oriented Perl interface for Apache's C language
API.  The end result is a quicker CGI script turnaround process, since
no external Perl interpreter has to be started.

Install mod_perl if you're installing the Apache web server and you'd
like for it to directly incorporate a Perl interpreter.

---------------------------------------------------------------------Update Information:

This update fixes a security issue in mod_perl.

An issue was found in the "namespace_from_uri" method of the
ModPerl::RegistryCooker class. If a server implemented a
mod_perl registry module using this method, a remote
attacker requesting a carefully crafted URI can cause
resource consumption, which could lead to a denial of
service. (CVE-2007-1349)
---------------------------------------------------------------------* Fri Jun  8 2007 Joe Orton  2.0.2-6.2.fc6
- add security fix for CVE-2007-1349
- drop perl(warnings) provide (#228429) 
- drop perl(HTTP::Request::Common) provide

---------------------------------------------------------------------This update can be downloaded from:
    
726732fb01a6655909531d653ec3cadf2ae91ff3  SRPMS/mod_perl-2.0.2-6.2.fc6.src.rpm
726732fb01a6655909531d653ec3cadf2ae91ff3  noarch/mod_perl-2.0.2-6.2.fc6.src.rpm
8ba00317fe32992136092a2a03539b7acb918fdd  ppc/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.ppc.rpm
e9fc6775d76b455913d57154cb96b0d26cc7607a  ppc/mod_perl-devel-2.0.2-6.2.fc6.ppc.rpm
d8a81079b6728b5c287e2769e2cf12b66747354b  ppc/mod_perl-2.0.2-6.2.fc6.ppc.rpm
381912d7bfbe8256291b9991e1c138bef58eda54  x86_64/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.x86_64.rpm
0442e64862ab200033d864faecc941db5361c069  x86_64/mod_perl-devel-2.0.2-6.2.fc6.x86_64.rpm
4bb05ea6885ef3b2f7788519194e2683578cb684  x86_64/mod_perl-2.0.2-6.2.fc6.x86_64.rpm
d5a9e1eb6535d36e60cc2880417ec5e00ea55b6c  i386/mod_perl-2.0.2-6.2.fc6.i386.rpm
3144ff4ecc48d2c83ec2e95fff3b3c245ccd53c0  i386/mod_perl-devel-2.0.2-6.2.fc6.i386.rpm
f59ed6e434be1ff6c5c081fa41f7f2ce92a383ca  i386/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
---------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora Core 6 Update: mod_perl-2.0.2-6.2.fc6

June 11, 2007
This update fixes a security issue in mod_perl. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class

Summary

Mod_perl incorporates a Perl interpreter into the Apache web server,

so that the Apache web server can directly execute Perl code.

Mod_perl links the Perl runtime library into the Apache web server and

provides an object-oriented Perl interface for Apache's C language

API. The end result is a quicker CGI script turnaround process, since

no external Perl interpreter has to be started.

Install mod_perl if you're installing the Apache web server and you'd

like for it to directly incorporate a Perl interpreter.

This update fixes a security issue in mod_perl.

An issue was found in the "namespace_from_uri" method of the

ModPerl::RegistryCooker class. If a server implemented a

mod_perl registry module using this method, a remote

attacker requesting a carefully crafted URI can cause

resource consumption, which could lead to a denial of

service. (CVE-2007-1349)

- add security fix for CVE-2007-1349

- drop perl(warnings) provide (#228429)

- drop perl(HTTP::Request::Common) provide

726732fb01a6655909531d653ec3cadf2ae91ff3 SRPMS/mod_perl-2.0.2-6.2.fc6.src.rpm

726732fb01a6655909531d653ec3cadf2ae91ff3 noarch/mod_perl-2.0.2-6.2.fc6.src.rpm

8ba00317fe32992136092a2a03539b7acb918fdd ppc/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.ppc.rpm

e9fc6775d76b455913d57154cb96b0d26cc7607a ppc/mod_perl-devel-2.0.2-6.2.fc6.ppc.rpm

d8a81079b6728b5c287e2769e2cf12b66747354b ppc/mod_perl-2.0.2-6.2.fc6.ppc.rpm

381912d7bfbe8256291b9991e1c138bef58eda54 x86_64/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.x86_64.rpm

0442e64862ab200033d864faecc941db5361c069 x86_64/mod_perl-devel-2.0.2-6.2.fc6.x86_64.rpm

4bb05ea6885ef3b2f7788519194e2683578cb684 x86_64/mod_perl-2.0.2-6.2.fc6.x86_64.rpm

d5a9e1eb6535d36e60cc2880417ec5e00ea55b6c i386/mod_perl-2.0.2-6.2.fc6.i386.rpm

3144ff4ecc48d2c83ec2e95fff3b3c245ccd53c0 i386/mod_perl-devel-2.0.2-6.2.fc6.i386.rpm

f59ed6e434be1ff6c5c081fa41f7f2ce92a383ca i386/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-577 2007-06-11 Name : mod_perl Version : 2.0.2 Release : 6.2.fc6 Summary : An embedded Perl interpreter for the Apache Web server Description : Mod_perl incorporates a Perl interpreter into the Apache web server, so that the Apache web server can directly execute Perl code. Mod_perl links the Perl runtime library into the Apache web server and provides an object-oriented Perl interface for Apache's C language API. The end result is a quicker CGI script turnaround process, since no external Perl interpreter has to be started. Install mod_perl if you're installing the Apache web server and you'd like for it to directly incorporate a Perl interpreter. This update fixes a security issue in mod_perl. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service. (CVE-2007-1349) - add security fix for CVE-2007-1349 - drop perl(warnings) provide (#228429) - drop perl(HTTP::Request::Common) provide 726732fb01a6655909531d653ec3cadf2ae91ff3 SRPMS/mod_perl-2.0.2-6.2.fc6.src.rpm 726732fb01a6655909531d653ec3cadf2ae91ff3 noarch/mod_perl-2.0.2-6.2.fc6.src.rpm 8ba00317fe32992136092a2a03539b7acb918fdd ppc/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.ppc.rpm e9fc6775d76b455913d57154cb96b0d26cc7607a ppc/mod_perl-devel-2.0.2-6.2.fc6.ppc.rpm d8a81079b6728b5c287e2769e2cf12b66747354b ppc/mod_perl-2.0.2-6.2.fc6.ppc.rpm 381912d7bfbe8256291b9991e1c138bef58eda54 x86_64/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.x86_64.rpm 0442e64862ab200033d864faecc941db5361c069 x86_64/mod_perl-devel-2.0.2-6.2.fc6.x86_64.rpm 4bb05ea6885ef3b2f7788519194e2683578cb684 x86_64/mod_perl-2.0.2-6.2.fc6.x86_64.rpm d5a9e1eb6535d36e60cc2880417ec5e00ea55b6c i386/mod_perl-2.0.2-6.2.fc6.i386.rpm 3144ff4ecc48d2c83ec2e95fff3b3c245ccd53c0 i386/mod_perl-devel-2.0.2-6.2.fc6.i386.rpm f59ed6e434be1ff6c5c081fa41f7f2ce92a383ca i386/debug/mod_perl-debuginfo-2.0.2-6.2.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Name : mod_perl
Version : 2.0.2
Release : 6.2.fc6
Summary : An embedded Perl interpreter for the Apache Web server

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved