Parent Directory
| 
Revision Log
Adding sec advisory for perl-Dancer bug 10523
| 1 | claire | 71 | type: security |
| 2 | subject: Updated perl-Dancer package fixes CVE-2012-5572 | ||
| 3 | CVE: | ||
| 4 | - CVE-2012-5572 | ||
| 5 | src: | ||
| 6 | 2: | ||
| 7 | core: | ||
| 8 | - perl-Dancer-1.311.500-1.mga2 | ||
| 9 | 3: | ||
| 10 | core: | ||
| 11 | - perl-Dancer-1.311.500-1.mga3 | ||
| 12 | description: | | ||
| 13 | A security flaw was found in the way Dancer.pm, lightweight yet powerful web | ||
| 14 | application framework / Perl language module, performed sanitization of values | ||
| 15 | to be used for cookie() and cookies() methods. A remote attacker could use this | ||
| 16 | flaw to inject arbitrary headers into responses from (Perl) applications, that | ||
| 17 | use Dancer.pm (CVE-2012-5572). | ||
| 18 | references: | ||
| 19 | - https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.html | ||
| 20 | - https://bugs.mageia.org/show_bug.cgi?id=10523 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |