Patches for CVE-2011-0009
Xavier Bachelot
xavier at bachelot.org
Wed Jan 26 20:16:36 UTC 2011
On 01/26/2011 12:00 AM, Xavier Bachelot wrote:
> Hi,
>
> I've been looking at the issue for both rt 3.6 and 3.8.
> I have a rather full featured patch for 3.8 and I took the Debian patch
> for 3.6. However, I'm not happy with 3.6, it's lacking the script to fix
> all the passwords. I'll try to come up with something better in the next
> few days. Here's my WIP for reference.
>
> Regards,
> Xavier
Here are the updated patches against master and el5 branches. I only
have an rt 3.6 to test against, so the 3.8 patch is not run time tested,
but I'm confident.
The only missing bit is a paragraph about the password mass-update
script in the UPGRADING file for 3.6.
Regards,
Xavier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rt3-3.6.10-CVE-2011-0009.patch
Type: text/x-patch
Size: 9589 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/perl-devel/attachments/20110126/ee8c762a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rt3-3.8.8-CVE-2011-0009.patch
Type: text/x-patch
Size: 10454 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/perl-devel/attachments/20110126/ee8c762a/attachment-0001.bin>
More information about the perl-devel
mailing list