type: security
subject: Updated perl-Dancer package fixes CVE-2012-5572
CVE:
  - CVE-2012-5572
src:
  2:
   core:
    - perl-Dancer-1.311.500-1.mga2
  3:
   core:
    - perl-Dancer-1.311.500-1.mga3
description: |
  A security flaw was found in the way Dancer.pm, lightweight yet powerful web
  application framework / Perl language module, performed sanitization of values
  to be used for cookie() and cookies() methods. A remote attacker could use this
  flaw to inject arbitrary headers into responses from (Perl) applications, that
  use Dancer.pm (CVE-2012-5572).
references:
  - https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.html
  - https://bugs.mageia.org/show_bug.cgi?id=10523
ID: MGASA-2013-0183