Parent Directory | Revision Log
MGASA-2013-0183
1 | type: security |
2 | subject: Updated perl-Dancer package fixes CVE-2012-5572 |
3 | CVE: |
4 | - CVE-2012-5572 |
5 | src: |
6 | 2: |
7 | core: |
8 | - perl-Dancer-1.311.500-1.mga2 |
9 | 3: |
10 | core: |
11 | - perl-Dancer-1.311.500-1.mga3 |
12 | description: | |
13 | A security flaw was found in the way Dancer.pm, lightweight yet powerful web |
14 | application framework / Perl language module, performed sanitization of values |
15 | to be used for cookie() and cookies() methods. A remote attacker could use this |
16 | flaw to inject arbitrary headers into responses from (Perl) applications, that |
17 | use Dancer.pm (CVE-2012-5572). |
18 | references: |
19 | - https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.html |
20 | - https://bugs.mageia.org/show_bug.cgi?id=10523 |
21 | ID: MGASA-2013-0183 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |