[Bug 743629] New: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting [fedora-all]
bugzilla at redhat.com
bugzilla at redhat.com
Wed Oct 5 14:54:58 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded MIME boundary value for multipart content, CVE-2010-4410 - CRLF injection allowing HTTP response splitting [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=743629
Summary: perl-CGI, perl-CGI-Simple: CVE-2010-2761 - hardcoded
MIME boundary value for multipart content,
CVE-2010-4410 - CRLF injection allowing HTTP response
splitting [fedora-all]
Product: Fedora
Version: 15
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Component: perl-CGI
AssignedTo: mmaslano at redhat.com
ReportedBy: rcvalle at redhat.com
QAContact: extras-qa at fedoraproject.org
CC: fedora-perl-devel-list at redhat.com,
mmaslano at redhat.com, ppisar at redhat.com
Blocks: 658976
Classification: Fedora
Story Points: ---
Type: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=658976
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please only close it when all
affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the perl-devel
mailing list