Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 17 Update: perl-Dancer-1.3093-3.fc17
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Thursday 13th June 2013 05:56:40 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-9961
2013-06-04 19:15:56
--------------------------------------------------------------------------------

Name        : perl-Dancer
Product     : Fedora 17
Version     : 1.3093
Release     : 3.fc17
URL         : http://search.cpan.org/dist/Dancer/
Summary     : Lightweight yet powerful web application framework
Description :
Dancer is a web application framework designed to be as effortless as
possible for the developer, taking care of the boring bits as easily as
possible, yet staying out of your way and letting you get on with writing
your code.

--------------------------------------------------------------------------------
Update Information:

This release fixes CR-LF injection into Cookie HTTP header (CVE-2012-5572).
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun  3 2013 Petr Pisar  - 1.3093-3
- Fix CVE-2012-5572 (cookie name CR-LF injection) (bug #880330)
* Tue May  7 2013 Petr Pisar  - 1.3093-2
- Return proper exit code on dancer tool failure (bug #960184)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #880329 - CVE-2012-5572 perl-Dancer: Newline injection due to
improper CRLF escaping in cookie() and cookies() methods
        https://bugzilla.redhat.com/show_bug.cgi?id=880329
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update perl-Dancer' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms