Message-Id: <email address hidden> Date: Tue, 22 Mar 2005 06:02:30 -0500 From: Brendan O'Dea <email address hidden> To: <email address hidden> Cc: Brendan O'Dea <email address hidden>, Martin Schulze <email address hidden> Subject: Fixed in NMU of perl 5.6.1-8.9
tag 286905 + fixed tag 286922 + fixed
quit
This message was generated automatically in response to a non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Format: 1.7 Date: Fri, 18 Mar 2005 22:22:25 +1100 Source: perl Binary: perl-suid perl-modules perl perl-debug perl-base libperl5.6 perl-doc libperl-dev libcgi-fast-perl Architecture: source i386 all Version: 5.6.1-8.9 Distribution: stable-security Urgency: high Maintainer: Martin Schulze <email address hidden> Changed-By: Brendan O'Dea <email address hidden> Description: libcgi-fast-perl - CGI::Fast Perl module. libperl-dev - Perl library: development files. libperl5.6 - Shared Perl library. perl - Larry Wall's Practical Extraction and Report Language. perl-base - The Pathologically Eclectic Rubbish Lister. perl-debug - Debug-enabled Perl interpreter. perl-doc - Perl documentation. perl-modules - Core Perl modules. perl-suid - Runs setuid Perl scripts. Closes: 286905 286922 Changes: perl (5.6.1-8.9) stable-security; urgency=high . * SECURITY [CAN-2005-0448]: rewrite File::Path::rmtree to avoid race condition which allows an attacker with write permission on directories in the tree being removed to make files setuid or to remove arbitrary files (closes: #286905, #286922). Supersedes the previous patch for CAN-2004-0452. Files: bf8f434e157f15546953ae89dfb2f932 687 interpreters standard perl_5.6.1-8.9.dsc 5f8583904c8f261d31f0935611ca7314 176889 interpreters standard perl_5.6.1-8.9.diff.gz 2516eb570a001c6a3376042ff85e3ff9 31524 interpreters extra libcgi-fast-perl_5.6.1-8.9_all.deb d2ccba71035e7b24bed20b0d50e6cd3c 3885588 doc optional perl-doc_5.6.1-8.9_all.deb ba2dbf867e05ce0a238a6bb0655ae88f 1278636 interpreters standard perl-modules_5.6.1-8.9_all.deb 46ad051a8314caccc5bb58c0c63f21fb 497350 base required perl-base_5.6.1-8.9_i386.deb d32af3c6b914565feef67bbc88d26fac 2119332 interpreters optional perl-debug_5.6.1-8.9_i386.deb 2d35d5c7bf825e4ee402a2ee2d1e9961 28422 interpreters optional perl-suid_5.6.1-8.9_i386.deb e896258f9bab36868a62f2d4abf38f3b 347980 libs required libperl5.6_5.6.1-8.9_i386.deb 325554fce57546f366bd8eb8eae13d0d 424620 devel optional libperl-dev_5.6.1-8.9_i386.deb 7eb6c4b69d60aa1aa203c8e121001b08 1150462 interpreters standard perl_5.6.1-8.9_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFCO8tUW5ql+IAeqTIRAu7qAKC6qAwMAwbg4fhH9HYRE1oKcicFSgCgmAbL wyU+9UfHXziR0oDFya8hlV0= =VMJ1 -----END PGP SIGNATURE-----
Message-Id: <email address hidden>
Date: Tue, 22 Mar 2005 06:02:30 -0500
From: Brendan O'Dea <email address hidden>
To: <email address hidden>
Cc: Brendan O'Dea <email address hidden>, Martin Schulze <email address hidden>
Subject: Fixed in NMU of perl 5.6.1-8.9
tag 286905 + fixed
tag 286922 + fixed
quit
This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7 546953ae89dfb2f 932 687 interpreters standard perl_5.6.1-8.9.dsc 1d31f0935611ca7 314 176889 interpreters standard perl_5. 6.1-8.9. diff.gz 6a3376042ff85e3 ff9 31524 interpreters extra libcgi- fast-perl_ 5.6.1-8. 9_all.deb 24bed20b0d50e6c d3c 3885588 doc optional perl-doc_ 5.6.1-8. 9_all.deb 0a238a6bb0655ae 88f 1278636 interpreters standard perl-modules_ 5.6.1-8. 9_all.deb ccc5bb58c0c63f2 1fb 497350 base required perl-base_ 5.6.1-8. 9_i386. deb 5feef67bbc88d26 fac 2119332 interpreters optional perl-debug_ 5.6.1-8. 9_i386. deb 4ee402a2ee2d1e9 961 28422 interpreters optional perl-suid_ 5.6.1-8. 9_i386. deb 868a62f2d4abf38 f3b 347980 libs required libperl5. 6_5.6.1- 8.9_i386. deb f366bd8eb8eae13 d0d 424620 devel optional libperl- dev_5.6. 1-8.9_i386. deb 1aa203c8e121001 b08 1150462 interpreters standard perl_5. 6.1-8.9_ i386.deb
Date: Fri, 18 Mar 2005 22:22:25 +1100
Source: perl
Binary: perl-suid perl-modules perl perl-debug perl-base libperl5.6 perl-doc libperl-dev libcgi-fast-perl
Architecture: source i386 all
Version: 5.6.1-8.9
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <email address hidden>
Changed-By: Brendan O'Dea <email address hidden>
Description:
libcgi-fast-perl - CGI::Fast Perl module.
libperl-dev - Perl library: development files.
libperl5.6 - Shared Perl library.
perl - Larry Wall's Practical Extraction and Report Language.
perl-base - The Pathologically Eclectic Rubbish Lister.
perl-debug - Debug-enabled Perl interpreter.
perl-doc - Perl documentation.
perl-modules - Core Perl modules.
perl-suid - Runs setuid Perl scripts.
Closes: 286905 286922
Changes:
perl (5.6.1-8.9) stable-security; urgency=high
.
* SECURITY [CAN-2005-0448]: rewrite File::Path::rmtree to avoid race
condition which allows an attacker with write permission on
directories in the tree being removed to make files setuid or to
remove arbitrary files (closes: #286905, #286922). Supersedes
the previous patch for CAN-2004-0452.
Files:
bf8f434e157f15
5f8583904c8f26
2516eb570a001c
d2ccba71035e7b
ba2dbf867e05ce
46ad051a8314ca
d32af3c6b91456
2d35d5c7bf825e
e896258f9bab36
325554fce57546
7eb6c4b69d60aa
-----BEGIN PGP SIGNATURE-----
l+IAeqTIRAu7qAK C6qAwMAwbg4fhH9 HYRE1oKcicFSgCg mAbL Fya8hlV0=
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCO8tUW5q
wyU+9UfHXziR0oD
=VMJ1
-----END PGP SIGNATURE-----