Oh, you're right! The code still appears to be bad to me.
Please provide a patch that performs a gethostbyname() on the
gethostbyaddr() to compare to ensure it matches the $addr before gleefully
bricking over {'peerhost'}.
On Thu, May 28, 2020 at 2:25 PM Petter Reinholdtsen wrote:
> [Rob
[Rob Brown]
> Is this Issue still open? Is it still a problem in the latest version?
> Or can I close this RT Ticket now?
The code in question seem to be this section from Net/Server.pm version
2.009:
if ($addr && defined $prop->{'reverse_lookups'}) {
if ($INC{'Socket6.pm'} &&
Is this Issue still open? Is it still a problem in the latest version? Or
can I close this RT Ticket now?
-- Rob
On Thu, May 28, 2020 at 3:52 AM Petter Reinholdtsen wrote:
>
> Dear libnet-server-perl developers,
>
> You get this message as the upstream developers of the
> libnet-server-perl
Dear libnet-server-perl developers,
You get this message as the upstream developers of the
libnet-server-perl Debian package. There is an security issue
accociated with the perl module, discussed in
https://rt.cpan.org/Ticket/Display.html?id=83909 > and
4 matches
Mail list logo