Package: libapache-mod-perl Version: 1.29.0.4-4.1 Severity: important Tags: security
A problem was recently discovered in how mod_perl 1.x deals with special characters in the file_info part of URLs, exploitation of this problem could cause a DoS. The problem was fixed in the recent 1.30 RC1 of the package: SECURITY: CVE-2007-1349 (cve.mitre.org) fix unescaped variable interpolation in Apache::PerlRun regular expression to prevent regex engine tampering. reported by Alex Solovey [Randal L. Schwartz <merlyn@stonehenge.com>, Fred Moyer <[EMAIL PROTECTED]>] I think only a single line needs to be patched to fix the problem. It seems likely that all versions of Debian exhibits the problem, but if I leave it to others to decide if it is a release critical problem for etch. Best, Kjetil -- Kjetil Kjernsmo Information Systems Developer Opera Software ASA -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
