--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-178989 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178989 2006-02-20 --------------------------------------------------------------------- Name : perl-DBI Versions : rh73: perl-DBI-1.21-1.1.legacy Versions : rh9: perl-DBI-1.32-5.1.legacy Versions : fc1: perl-DBI-1.37-1.1.legacy Versions : fc2: perl-DBI-1.40-4.1.legacy Summary : A database access API for Perl. Description : DBI is a database access Application Programming Interface (API) for the Perl programming language. The DBI API specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used. --------------------------------------------------------------------- Update Information: An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available. DBI is a database access Application Programming Interface (API) for the Perl programming language. The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an insecure manner. A local user could overwrite or create files as a different user who happens to run an application which uses DBI::ProxyServer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0077 to this issue. Users should update to this erratum package which disables the temporary PID file unless configured. --------------------------------------------------------------------- Changelogs rh73: * Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.21-1.1.legacy - Added fix for CVE-2005-0077 rh9: * Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.32-5.1.legacy - Added fix for CVE-2005-0077 fc1: * Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.37-1.1.legacy - Added fix for CVE-2005-0077 fc2: * Sat Feb 18 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 1.40-4.1.legacy - Added fix for CVE-2005-0077 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh73: 847cb03e61abf1bbb965b2fa6e7c0f812e7edde1 redhat/7.3/updates-testing/i386/perl-DBI-1.21-1.1.legacy.i386.rpm 7c0c13670d8da3620d6bdc0d24f96201ff3feee8 redhat/7.3/updates-testing/SRPMS/perl-DBI-1.21-1.1.legacy.src.rpm rh9: 2e473b5822a019a10b7b9577f4de60933e75fecc redhat/9/updates-testing/i386/perl-DBI-1.32-5.1.legacy.i386.rpm 19934b803bf33b0cc93466ae43e2ac14302ac0df redhat/9/updates-testing/SRPMS/perl-DBI-1.32-5.1.legacy.src.rpm fc1: 50a02fd2d68f47d35f76bc690281253bbdf9a486 fedora/1/updates-testing/i386/perl-DBI-1.37-1.1.legacy.i386.rpm 0018ffba083fd98b88a4bcec3383005ed32d5e6a fedora/1/updates-testing/SRPMS/perl-DBI-1.37-1.1.legacy.src.rpm fc2: 69a623c7db409341705bfc125b5fd6f0c056af7b fedora/2/updates-testing/i386/perl-DBI-1.40-4.1.legacy.i386.rpm 4443111b0e9137bd1624183b9d209b2cada204dd fedora/2/updates-testing/SRPMS/perl-DBI-1.40-4.1.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
