[ubuntu/hardy-security] libwww-perl (delayed), libwww-perl 5.808-1ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Aug 31 14:04:40 BST 2010
libwww-perl (5.808-1ubuntu0.1) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary file overwrite via dot file download
- debian/patches/CVE-2010-2253.patch: reject filenames that start with
a dot in bin/lwp-download.
- CVE-2010-2253
Date: Fri, 27 Aug 2010 14:36:59 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/libwww-perl/5.808-1ubuntu0.1
-------------- next part --------------
Format: 1.7
Date: Fri, 27 Aug 2010 14:36:59 -0400
Source: libwww-perl
Binary: libwww-perl
Architecture: source
Version: 5.808-1ubuntu0.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libwww-perl - WWW client/server library for Perl (aka LWP)
Changes:
libwww-perl (5.808-1ubuntu0.1) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary file overwrite via dot file download
- debian/patches/CVE-2010-2253.patch: reject filenames that start with
a dot in bin/lwp-download.
- CVE-2010-2253
Files:
31de77d3f332f3352788cae3e1450dae 1247 perl optional libwww-perl_5.808-1ubuntu0.1.dsc
7179919aed769791ec74f0a9d3e0ad91 10526 perl optional libwww-perl_5.808-1ubuntu0.1.diff.gz
Original-Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list