Package: perl Version: 5.10.1-12 Severity: important Tags: security X-Debbugs-Cc: t...@security.debian.org
Quoting http://security-tracker.debian.org/tracker/CVE-2010-1974 : Multiple unspecified vulnerabilities in the Safe (aka Safe.pm) module before 2.25 for Perl allow context-dependent attackers to inject and execute arbitrary code via vectors related to "automagic methods." NOTE: this might overlap CVE-2010-1169 or CVE-2010-1447. The best description I'm aware of is at http://blogs.perl.org/users/rafael_garcia-suarez/2010/03/new-safepm-fixes-security-hole.html I expect lenny is affected just as much as sid/squeeze. Not sure if we need a DSA. Setting the severity to 'important' for now. Please note that there's potential for regression: Safe-2.27 breaks at least libpetal-perl, see #582805. Security team, I'd love some help with this. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
