LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2010:237: perl-CGI Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla (these two security bugs where first discovered as affecting Bugzilla, then identified as being bugs in CGI.pm itself). [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:237
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : perl-CGI
 Date    : November 16, 2010
 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A new version of the CGI Perl module has been released to CPAN,
 which fixes several security bugs which directly affect Bugzilla
 (these two security bugs where first discovered as affecting Bugzilla,
 then identified as being bugs in CGI.pm itself).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been upgraded to perl-CGI 3.50 to solve
 these security issues.
 _______________________________________________________________________

 References:

 http://www.bugzilla.org/security/3.2.8/
 http://www.nntp.perl.org/group/perl.perl5.changes/2010/11/msg28043.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 54cece3ad5ca0d9a605acb06b4712dbe  2009.0/i586/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
 b1973045ea14cf9a8b1dc83ac8a4fde6  2009.0/i586/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm 
 62127170b0a14878ce3abbe005cab32a  2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 2037517b54e8d66f0723def93e517a98  2009.0/x86_64/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
 6d973b61b591423cc5a6cefc45e79246  2009.0/x86_64/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm 
 62127170b0a14878ce3abbe005cab32a  2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm

 Mandriva Linux 2010.0:
 9ce05f7633402cb6a4034c6904b2b1c8  2010.0/i586/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
 89d297ceeceaec673712990953d69c55  2010.0/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm 
 cf30d84a555bb43eec281632224fdebc  2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 49ed79c77ef68d48764265f25e628720  2010.0/x86_64/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
 df6034c9f43698c09e2c39b7f74b97c7  2010.0/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm 
 cf30d84a555bb43eec281632224fdebc  2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 aa106446efb83bb806133032ee27d8ed  2010.1/i586/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
 1cfde3769b9b04fc9c80eac20c8d52db  2010.1/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm 
 687a844f7fc927d1c00c963d4339b2fe  2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 b12af6b51121538c51243fd9dcd24262  2010.1/x86_64/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
 8638143729dea17fc546677d1e9ebae0  2010.1/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm 
 687a844f7fc927d1c00c963d4339b2fe  2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm

 Corporate 4.0:
 56b0deb154ab35a724a8b7d3f6c95fac  corporate/4.0/i586/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
 ff3f4ac61aa4586b956d328a923cc179  corporate/4.0/i586/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm 
 ba49f7da52a13223ac83910dd849f794  corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 50945ecb0af6e4a8c60a8440f75603ee  corporate/4.0/x86_64/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
 0c778aebfef45e4387b43b83769e61a3  corporate/4.0/x86_64/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm 
 ba49f7da52a13223ac83910dd849f794  corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 a2a125c0033735e3ca343f2fae5fa963  mes5/i586/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
 83befd3d04dbb1cbfe7f2cc80ac2ab68  mes5/i586/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm 
 68570870b628412f0c5597b5dca0dc7c  mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 b3529e11d2034fc58fa661824d89bda0  mes5/x86_64/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
 31b335a4ff312e234cf74775d0025826  mes5/x86_64/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm 
 68570870b628412f0c5597b5dca0dc7c  mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Google Releases Open Source Tool for Testing Web App Security Scanners
Most Targeted Attacks Exploit Privileged Accounts
NotCompable sets new standards for mobile botnet sophistication
Hands on with Caine Linux: Pentesting and UEFI compatible
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.