[Bug 201454] Re: Please sync libnet-dns-perl 0.63-1 (universe) from Debian unstable (main).
Scott Kitterman
ubuntu at kitterman.com
Thu Mar 20 02:34:24 GMT 2008
** Summary changed:
- [libnet-dns-perl] [CVE-2007-6341] possible remote denial of service vulnerability
+ Please sync libnet-dns-perl 0.63-1 (universe) from Debian unstable (main).
** Description changed:
- Binary package hint: libnet-dns-perl
+ Changelog since current hardy version 0.62-1:
- References:
- DSA-1515-1 (http://www.debian.org/security/2008/dsa-1515) (page has not been generated at the time of this writing)
+ libnet-dns-perl (0.63-1) unstable; urgency=medium
- Note: CVE-2007-3377 and CVE-2007-3409 have been addressed in USN-483-1
+ * New upstream release, which fixes security issue
+ CVE-2007-6341 (closes: bug#457445).
+ * Do not try to delete /usr/share/perl5 while assembling package if
+ it is not there. It is no longer there with MakeMaker from Perl 5.10.
+ Thanks to Damyan Ivanov <dmn at debian.org> for report and fix
+ (closes: bug#463531).
- Quoting DSA-1515-1:
- "Decoding malformed A records could lead to a crash (via an uncaught
- Perl exception) of certain applications using libnet-dns-perl
- (CVE-2007-6341)."
+ -- Florian Hinzmann <fh at debian.org> Fri, 15 Feb 2008 01:42:53 +0100
** Changed in: libnet-dns-perl (Ubuntu)
Importance: Undecided => Medium
Assignee: Scott Kitterman (kitterman) => (unassigned)
Status: In Progress => Confirmed
--
Please sync libnet-dns-perl 0.63-1 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/201454
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list