what you don't know can hurt you

Mandriva Linux Security Advisory 2010-237

Mandriva Linux Security Advisory 2010-237
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-237 - A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla (these two security bugs where first discovered as affecting Bugzilla, then identified as being bugs in CGI.pm itself).

tags | advisory, cgi, perl
systems | linux, mandriva
MD5 | c9144de65fded8d1ac5fa221b6eed37c

Mandriva Linux Security Advisory 2010-237

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:237
http://www.mandriva.com/security/
_______________________________________________________________________

Package : perl-CGI
Date : November 16, 2010
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A new version of the CGI Perl module has been released to CPAN,
which fixes several security bugs which directly affect Bugzilla
(these two security bugs where first discovered as affecting Bugzilla,
then identified as being bugs in CGI.pm itself).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been upgraded to perl-CGI 3.50 to solve
these security issues.
_______________________________________________________________________

References:

http://www.bugzilla.org/security/3.2.8/
http://www.nntp.perl.org/group/perl.perl5.changes/2010/11/msg28043.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
54cece3ad5ca0d9a605acb06b4712dbe 2009.0/i586/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
b1973045ea14cf9a8b1dc83ac8a4fde6 2009.0/i586/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm
62127170b0a14878ce3abbe005cab32a 2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
2037517b54e8d66f0723def93e517a98 2009.0/x86_64/perl-CGI-3.50-0.1mdv2009.0.noarch.rpm
6d973b61b591423cc5a6cefc45e79246 2009.0/x86_64/perl-CGI-Fast-3.50-0.1mdv2009.0.noarch.rpm
62127170b0a14878ce3abbe005cab32a 2009.0/SRPMS/perl-CGI-3.50-0.1mdv2009.0.src.rpm

Mandriva Linux 2010.0:
9ce05f7633402cb6a4034c6904b2b1c8 2010.0/i586/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
89d297ceeceaec673712990953d69c55 2010.0/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm
cf30d84a555bb43eec281632224fdebc 2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
49ed79c77ef68d48764265f25e628720 2010.0/x86_64/perl-CGI-3.500.0-0.1mdv2010.0.noarch.rpm
df6034c9f43698c09e2c39b7f74b97c7 2010.0/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.0.noarch.rpm
cf30d84a555bb43eec281632224fdebc 2010.0/SRPMS/perl-CGI-3.500.0-0.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
aa106446efb83bb806133032ee27d8ed 2010.1/i586/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
1cfde3769b9b04fc9c80eac20c8d52db 2010.1/i586/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm
687a844f7fc927d1c00c963d4339b2fe 2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm

Mandriva Linux 2010.1/X86_64:
b12af6b51121538c51243fd9dcd24262 2010.1/x86_64/perl-CGI-3.500.0-0.1mdv2010.1.noarch.rpm
8638143729dea17fc546677d1e9ebae0 2010.1/x86_64/perl-CGI-Fast-3.500.0-0.1mdv2010.1.noarch.rpm
687a844f7fc927d1c00c963d4339b2fe 2010.1/SRPMS/perl-CGI-3.500.0-0.1mdv2010.1.src.rpm

Corporate 4.0:
56b0deb154ab35a724a8b7d3f6c95fac corporate/4.0/i586/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
ff3f4ac61aa4586b956d328a923cc179 corporate/4.0/i586/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm
ba49f7da52a13223ac83910dd849f794 corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
50945ecb0af6e4a8c60a8440f75603ee corporate/4.0/x86_64/perl-CGI-3.50-0.1.20060mlcs4.noarch.rpm
0c778aebfef45e4387b43b83769e61a3 corporate/4.0/x86_64/perl-CGI-Fast-3.50-0.1.20060mlcs4.noarch.rpm
ba49f7da52a13223ac83910dd849f794 corporate/4.0/SRPMS/perl-CGI-3.50-0.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
a2a125c0033735e3ca343f2fae5fa963 mes5/i586/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
83befd3d04dbb1cbfe7f2cc80ac2ab68 mes5/i586/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm
68570870b628412f0c5597b5dca0dc7c mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
b3529e11d2034fc58fa661824d89bda0 mes5/x86_64/perl-CGI-3.50-0.1mdvmes5.1.noarch.rpm
31b335a4ff312e234cf74775d0025826 mes5/x86_64/perl-CGI-Fast-3.50-0.1mdvmes5.1.noarch.rpm
68570870b628412f0c5597b5dca0dc7c mes5/SRPMS/perl-CGI-3.50-0.1mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFM4pNpmqjQ0CJFipgRAmtrAKCTIC+iX+1dOrrpyEyhICQgIsUlSgCglsGg
+63HCTLteKPvspFlPbqx2Lk=
=RIbC
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close