https://bugzilla.redhat.com/show_bug.cgi?id=1877446
Bug ID: 1877446
Summary: perl-dbi: Proxy driver and server use PlRPC which is
not secure due to Storable
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com,
john.j5live(a)gmail.com, jorton(a)redhat.com,
jplesnik(a)redhat.com, kasal(a)ucw.cz,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Other
A flaw was found in perl-dbi before version 1.632. The proxy driver and server
use PlRPC which is not secure due to Storable.
References:
https://rt.cpan.org/Public/Bug/Display.html?id=90475
Upstream patch:
https://github.com/perl5-dbi/dbi/commit/3cef14e68a01cd593cd19540c7b91d59d...
--
You are receiving this mail because:
You are on the CC list for the bug.