[Bug 743629] New: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting [fedora-all]

bugzilla at redhat.com bugzilla at redhat.com
Wed Oct 5 14:54:58 UTC 2011


Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.

Summary: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=743629

           Summary: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded
                    MIME boundary value for multipart content,
                    CVE-2010-4410 - CRLF injection allowing HTTP response
                    splitting [fedora-all]
           Product: Fedora
           Version: 15
          Platform: All
        OS/Version: Linux
            Status: NEW
          Keywords: Security, SecurityTracking
          Severity: medium
          Priority: medium
         Component: perl-CGI
        AssignedTo: mmaslano at redhat.com
        ReportedBy: rcvalle at redhat.com
         QAContact: extras-qa at fedoraproject.org
                CC: fedora-perl-devel-list at redhat.com,
                    mmaslano at redhat.com, ppisar at redhat.com
            Blocks: 658976
    Classification: Fedora
      Story Points: ---
              Type: ---



This is an automatically created tracking bug!  It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.

For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.

For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs

When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.

Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=658976

Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please only close it when all
affected versions are fixed.


[bug automatically created by: add-tracking-bugs]

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.



More information about the perl-devel mailing list