[Bug 658976] perl-CGI, perl-CGI-Simple: CVE-2010-2761 -- hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, CVE-2010-4410 -- CRLF injection vulnerability in the header function
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jan 4 11:08:56 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=658976
Jan Lieskovsky <jlieskov at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kurt at seifried.org,
| |tcallawa at redhat.com
--- Comment #7 from Jan Lieskovsky <jlieskov at redhat.com> 2011-01-04 06:08:54 EST ---
Tom, Kurt,
since the CVEs description from c#3 and c#4 can't be split based
on package, please take this bug as a master security bug also
for perl-CGI-Simple component for now (the bugs were filed sooner
than CVEs were assigned [each being for both components :(]).
Created perl-CGI-Simple tracking bugs for this issue
Affects: fedora-all [bug 658973]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the perl-devel
mailing list