Debian
perl package

Bug #11407
Comment #31

Comment 31 for bug 11407

Revision history for this message

Debian Bug Importer (debzilla) wrote on 2005-03-22:

#31

Message-Id: <email address hidden>
Date: Tue, 22 Mar 2005 06:02:30 -0500
From: Brendan O'Dea <email address hidden>
To: <email address hidden>
Cc: Brendan O'Dea <email address hidden>, Martin Schulze <email address hidden>
Subject: Fixed in NMU of perl 5.6.1-8.9

tag 286905 + fixed
tag 286922 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 18 Mar 2005 22:22:25 +1100
Source: perl
Binary: perl-suid perl-modules perl perl-debug perl-base libperl5.6 perl-doc libperl-dev libcgi-fast-perl
Architecture: source i386 all
Version: 5.6.1-8.9
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <email address hidden>
Changed-By: Brendan O'Dea <email address hidden>
Description:
libcgi-fast-perl - CGI::Fast Perl module.
libperl-dev - Perl library: development files.
libperl5.6 - Shared Perl library.
perl - Larry Wall's Practical Extraction and Report Language.
perl-base - The Pathologically Eclectic Rubbish Lister.
perl-debug - Debug-enabled Perl interpreter.
perl-doc - Perl documentation.
perl-modules - Core Perl modules.
perl-suid - Runs setuid Perl scripts.
Closes: 286905 286922
Changes:
perl (5.6.1-8.9) stable-security; urgency=high
.
   * SECURITY [CAN-2005-0448]: rewrite File::Path::rmtree to avoid race
     condition which allows an attacker with write permission on
     directories in the tree being removed to make files setuid or to
     remove arbitrary files (closes: #286905, #286922). Supersedes
     the previous patch for CAN-2004-0452.
Files:
bf8f434e157f15546953ae89dfb2f932 687 interpreters standard perl_5.6.1-8.9.dsc
5f8583904c8f261d31f0935611ca7314 176889 interpreters standard perl_5.6.1-8.9.diff.gz
2516eb570a001c6a3376042ff85e3ff9 31524 interpreters extra libcgi-fast-perl_5.6.1-8.9_all.deb
d2ccba71035e7b24bed20b0d50e6cd3c 3885588 doc optional perl-doc_5.6.1-8.9_all.deb
ba2dbf867e05ce0a238a6bb0655ae88f 1278636 interpreters standard perl-modules_5.6.1-8.9_all.deb
46ad051a8314caccc5bb58c0c63f21fb 497350 base required perl-base_5.6.1-8.9_i386.deb
d32af3c6b914565feef67bbc88d26fac 2119332 interpreters optional perl-debug_5.6.1-8.9_i386.deb
2d35d5c7bf825e4ee402a2ee2d1e9961 28422 interpreters optional perl-suid_5.6.1-8.9_i386.deb
e896258f9bab36868a62f2d4abf38f3b 347980 libs required libperl5.6_5.6.1-8.9_i386.deb
325554fce57546f366bd8eb8eae13d0d 424620 devel optional libperl-dev_5.6.1-8.9_i386.deb
7eb6c4b69d60aa1aa203c8e121001b08 1150462 interpreters standard perl_5.6.1-8.9_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCO8tUW5ql+IAeqTIRAu7qAKC6qAwMAwbg4fhH9HYRE1oKcicFSgCgmAbL
wyU+9UfHXziR0oDFya8hlV0=
=VMJ1
-----END PGP SIGNATURE-----

Message-Id: <E1DDh9a-00046Y-00@newraff.debian.org>
Date: Tue, 22 Mar 2005 06:02:30 -0500
From: Brendan O'Dea <bod@debian.org>
To: control@bugs.debian.org
Cc: Brendan O'Dea <bod@debian.org>, Martin Schulze <joey@debian.org>
Subject: Fixed in NMU of perl 5.6.1-8.9

tag 286905 + fixed
tag 286922 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload.  The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 18 Mar 2005 22:22:25 +1100
Source: perl
Binary: perl-suid perl-modules perl perl-debug perl-base libperl5.6 perl-doc libperl-dev libcgi-fast-perl
Architecture: source i386 all
Version: 5.6.1-8.9
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <joey@debian.org>
Changed-By: Brendan O'Dea <bod@debian.org>
Description: 
 libcgi-fast-perl - CGI::Fast Perl module.
 libperl-dev - Perl library: development files.
 libperl5.6 - Shared Perl library.
 perl       - Larry Wall's Practical Extraction and Report Language.
 perl-base  - The Pathologically Eclectic Rubbish Lister.
 perl-debug - Debug-enabled Perl interpreter.
 perl-doc   - Perl documentation.
 perl-modules - Core Perl modules.
 perl-suid  - Runs setuid Perl scripts.
Closes: 286905 286922
Changes: 
 perl (5.6.1-8.9) stable-security; urgency=high
 .
   * SECURITY [CAN-2005-0448]: rewrite File::Path::rmtree to avoid race
     condition which allows an attacker with write permission on
     directories in the tree being removed to make files setuid or to
     remove arbitrary files (closes: #286905, #286922).  Supersedes
     the previous patch for CAN-2004-0452.
Files: 
 bf8f434e157f15546953ae89dfb2f932 687 interpreters standard perl_5.6.1-8.9.dsc
 5f8583904c8f261d31f0935611ca7314 176889 interpreters standard perl_5.6.1-8.9.diff.gz
 2516eb570a001c6a3376042ff85e3ff9 31524 interpreters extra libcgi-fast-perl_5.6.1-8.9_all.deb
 d2ccba71035e7b24bed20b0d50e6cd3c 3885588 doc optional perl-doc_5.6.1-8.9_all.deb
 ba2dbf867e05ce0a238a6bb0655ae88f 1278636 interpreters standard perl-modules_5.6.1-8.9_all.deb
 46ad051a8314caccc5bb58c0c63f21fb 497350 base required perl-base_5.6.1-8.9_i386.deb
 d32af3c6b914565feef67bbc88d26fac 2119332 interpreters optional perl-debug_5.6.1-8.9_i386.deb
 2d35d5c7bf825e4ee402a2ee2d1e9961 28422 interpreters optional perl-suid_5.6.1-8.9_i386.deb
 e896258f9bab36868a62f2d4abf38f3b 347980 libs required libperl5.6_5.6.1-8.9_i386.deb
 325554fce57546f366bd8eb8eae13d0d 424620 devel optional libperl-dev_5.6.1-8.9_i386.deb
 7eb6c4b69d60aa1aa203c8e121001b08 1150462 interpreters standard perl_5.6.1-8.9_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCO8tUW5ql+IAeqTIRAu7qAKC6qAwMAwbg4fhH9HYRE1oKcicFSgCgmAbL
wyU+9UfHXziR0oDFya8hlV0=
=VMJ1
-----END PGP SIGNATURE-----

Debianperl package

Comment 31 for bug 11407

Debian
perl package