Bug#698320: Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-23 Thread Adam D. Barratt
On Wed, 2013-01-23 at 08:51 +0200, Niko Tyni wrote: > While at it, I think the fix for #698320 (signed/unsigned wraparound > on 32-bit platforms) could/should go in too. Release team, would that > be OK with you? > > (Upstream patch attached.) Looks okay to me; thanks. Regards, Adam -- To U

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-22 Thread Niko Tyni
On Tue, Jan 22, 2013 at 11:59:17PM +, Dominic Hargreaves wrote: > Having this fix only > in one of the two places Digest::SHA appears in wheezy is probably > a Bad Thing, so maybe we should upload a fix for wheezy/perl after all. Yes, I think we should (FWIW). Along with that, I suppose we ne

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-22 Thread Dominic Hargreaves
On Wed, Jan 23, 2013 at 12:38:43AM +0100, Niels Thykier wrote: > On 2013-01-22 23:59, Dominic Hargreaves wrote: > > Adding debian-release as CC. > > > > On Wed, Jan 16, 2013 at 07:33:19AM +0100, Salvatore Bonaccorso wrote: > >> Hi Dominic > >> > >> On Tue, Jan 15, 2013 at 11:26:09PM +, Dominic

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-22 Thread Niels Thykier
On 2013-01-22 23:59, Dominic Hargreaves wrote: > Adding debian-release as CC. > > On Wed, Jan 16, 2013 at 07:33:19AM +0100, Salvatore Bonaccorso wrote: >> Hi Dominic >> >> On Tue, Jan 15, 2013 at 11:26:09PM +, Dominic Hargreaves wrote: >>> On Mon, Jan 14, 2013 at 09:46:55PM +0100, Salvatore Bo

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-22 Thread Dominic Hargreaves
Adding debian-release as CC. On Wed, Jan 16, 2013 at 07:33:19AM +0100, Salvatore Bonaccorso wrote: > Hi Dominic > > On Tue, Jan 15, 2013 at 11:26:09PM +, Dominic Hargreaves wrote: > > On Mon, Jan 14, 2013 at 09:46:55PM +0100, Salvatore Bonaccorso wrote: > > > Upload of Digest::SHA 5.81 mentio

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-15 Thread Salvatore Bonaccorso
Hi Dominic On Tue, Jan 15, 2013 at 11:26:09PM +, Dominic Hargreaves wrote: > On Mon, Jan 14, 2013 at 09:46:55PM +0100, Salvatore Bonaccorso wrote: > > Upload of Digest::SHA 5.81 mentions the following: > > > > 5.81 Mon Jan 14 05:17:08 MST 2013 > > - corrected load subroutine (SHA.pm) to

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-15 Thread Dominic Hargreaves
On Mon, Jan 14, 2013 at 09:46:55PM +0100, Salvatore Bonaccorso wrote: > Upload of Digest::SHA 5.81 mentions the following: > > 5.81 Mon Jan 14 05:17:08 MST 2013 > - corrected load subroutine (SHA.pm) to prevent double-free > -- Bug #82655: Security issue - segfault >

Bug#698174: perl: double-free in load subroutine for Digest::SHA

2013-01-14 Thread Salvatore Bonaccorso
Source: perl Severity: important Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Upload of Digest::SHA 5.81 mentions the following: 5.81 Mon Jan 14 05:17:08 MST 2013 - corrected load subroutine (SHA.pm) to prevent double-free -- Bug #82655: Security is