Fedora Legacy Test Update Notification: perl-DBI
Marc Deslauriers
marcdeslauriers at videotron.ca
Tue Feb 21 00:59:07 UTC 2006
---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2006-178989
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178989
2006-02-20
---------------------------------------------------------------------
Name : perl-DBI
Versions : rh73: perl-DBI-1.21-1.1.legacy
Versions : rh9: perl-DBI-1.32-5.1.legacy
Versions : fc1: perl-DBI-1.37-1.1.legacy
Versions : fc2: perl-DBI-1.40-4.1.legacy
Summary : A database access API for Perl.
Description :
DBI is a database access Application Programming Interface (API) for
the Perl programming language. The DBI API specification defines a set
of functions, variables and conventions that provide a consistent
database interface independent of the actual database being used.
---------------------------------------------------------------------
Update Information:
An updated perl-DBI package that fixes a temporary file flaw in
DBI::ProxyServer is now available.
DBI is a database access Application Programming Interface (API) for
the Perl programming language.
The Debian Security Audit Project discovered that the DBI library
creates a temporary PID file in an insecure manner. A local user could
overwrite or create files as a different user who happens to run an
application which uses DBI::ProxyServer. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to
this issue.
Users should update to this erratum package which disables the temporary
PID file unless configured.
---------------------------------------------------------------------
Changelogs
rh73:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.21-1.1.legacy
- Added fix for CVE-2005-0077
rh9:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.32-5.1.legacy
- Added fix for CVE-2005-0077
fc1:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.37-1.1.legacy
- Added fix for CVE-2005-0077
fc2:
* Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers at videotron.ca>
1.40-4.1.legacy
- Added fix for CVE-2005-0077
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedoralegacy.org/
(sha1sums)
rh73:
847cb03e61abf1bbb965b2fa6e7c0f812e7edde1
redhat/7.3/updates-testing/i386/perl-DBI-1.21-1.1.legacy.i386.rpm
7c0c13670d8da3620d6bdc0d24f96201ff3feee8
redhat/7.3/updates-testing/SRPMS/perl-DBI-1.21-1.1.legacy.src.rpm
rh9:
2e473b5822a019a10b7b9577f4de60933e75fecc
redhat/9/updates-testing/i386/perl-DBI-1.32-5.1.legacy.i386.rpm
19934b803bf33b0cc93466ae43e2ac14302ac0df
redhat/9/updates-testing/SRPMS/perl-DBI-1.32-5.1.legacy.src.rpm
fc1:
50a02fd2d68f47d35f76bc690281253bbdf9a486
fedora/1/updates-testing/i386/perl-DBI-1.37-1.1.legacy.i386.rpm
0018ffba083fd98b88a4bcec3383005ed32d5e6a
fedora/1/updates-testing/SRPMS/perl-DBI-1.37-1.1.legacy.src.rpm
fc2:
69a623c7db409341705bfc125b5fd6f0c056af7b
fedora/2/updates-testing/i386/perl-DBI-1.40-4.1.legacy.i386.rpm
4443111b0e9137bd1624183b9d209b2cada204dd
fedora/2/updates-testing/SRPMS/perl-DBI-1.40-4.1.legacy.src.rpm
---------------------------------------------------------------------
Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20060220/34c2b2ba/attachment.sig>
More information about the fedora-legacy-list
mailing list