Re: DBI Vulnerability (DBI v1.38 or earlier?) [From: bugtraq Digest 29 Jan 2005 08:00:40 -0000 Issue 993]

Michael A Chase tech Sat, 29 Jan 2005 18:29:58 -0800

On 01/29/2005 04:58 PM, Jonathan Leffler said:

On the face of it, current versions of DBI are clean. But FYI...

Affected packages
=================

    -------------------------------------------------------------------
     Package        /   Vulnerable   /                      Unaffected
    -------------------------------------------------------------------
  1  dev-perl/dbi         <= 1.38                          *>= 1.37-r1
                                                            >= 1.38-r1
  2  dev-lang/perl      <= 5.8.6-r1                        >= 5.8.6-r2
                                                          *>= 5.8.5-r3
                                                          *>= 5.8.4-r2
                                                          *>= 5.8.2-r2
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

...

  [ 1 ] CAN-2005-0077
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077
  [ 2 ] CAN-2004-0452
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452

CAN-2005-0077 was reported this week and the fix to DBI::ProxyServer will be in DBI version 1.47.

--
Mac :})
** I usually forward private questions to the appropriate mail list. **
Ask Smarter: http://www.catb.org/~esr/faqs/smart-questions.html
Give a hobbit a fish and he eats fish for a day.
Give a hobbit a ring and he eats fish for an age.

Re: DBI Vulnerability (DBI v1.38 or earlier?) [From: bugtraq Digest 29 Jan 2005 08:00:40 -0000 Issue 993]

Reply via email to