[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 --- Comment #6 from Philipp Trulson --- Thanks for this info Paul! The same thing already happened with zstd, it's a pity that this breaks so many dependent programs on CentOS. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 Paul Howarth changed: What|Removed |Added CC||p...@city-fan.org --- Comment #5 from Paul Howarth --- Whilst you wait for CentOS 8.2 to be released, you can find the old EPEL package here: https://archives.fedoraproject.org/pub/archive/epel/8.1/Everything/x86_64/Packages/p/perl-Convert-ASN1-0.27-16.el8.noarch.rpm -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 Petr Pisar changed: What|Removed |Added Status|ASSIGNED|CLOSED Resolution|--- |EOL Last Closed||2020-05-14 13:21:54 --- Comment #4 from Petr Pisar --- This package was removed from EPEL. But for a different reason. This package was added into RHEL 8.2 and thus removed from EPEL because EPEL cannot provide the same packages (bug #1833568). -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 Philipp Trulson changed: What|Removed |Added CC||phil...@trulson.de --- Comment #3 from Philipp Trulson --- Did this package get removed because of the vulnerability? This is blocking the installation of nagios-plugins-all-2.3.3-1.el8.x86_64 which depends on nagios-plugins-ssl_validity-2.3.3-1.el8.x86_64 which depends on perl-Crypt-X509-0.51-19.el8.noarch which depends on perl(Convert::ASN1) >= 0.19. We really need this package back ASAP. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 Petr Pisar changed: What|Removed |Added Status|NEW |ASSIGNED CC||ppi...@redhat.com --- Comment #2 from Petr Pisar --- I confirm that perl-Convert-ASN1-0.27-16.el8.noarch is vulnerable. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 --- Comment #1 from Guilherme de Almeida Suckevicz --- Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. = # bugfix, security, enhancement, newpackage (required) type=security # low, medium, high, urgent (required) severity=medium # testing, stable request=testing # Bug numbers: 1234,9876 bugs=1821879,1821882 # Description of your update notes=Security fix for [PUT CVEs HERE] # Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3 # Automatically close bugs when this marked as stable close_bugs=True # Suggest that users restart after update suggest_reboot=False == Additionally, you may opt to use the bodhi web interface to submit updates: https://bodhi.fedoraproject.org/updates/new -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
[Bug 1821882] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input [epel-8]
https://bugzilla.redhat.com/show_bug.cgi?id=1821882 Guilherme de Almeida Suckevicz changed: What|Removed |Added Blocks||1821879 (CVE-2013-7488) Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1821879 [Bug 1821879] CVE-2013-7488 perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org