Skip Menu |

This queue is for tickets about the FCGI CPAN distribution.

Report information
The Basics
Id: 118405
Status: new
Priority: 0/
Queue: FCGI
People
Owner: ether [...] cpan.org
Requestors: fsfs [...] debian.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Sun Oct 16 09:46:21 2016 fsfs [...] debian.org - Ticket created
Subject: [PATCH] fix CVE-2012-6687 in bundled libfcgi
Date: Sun, 16 Oct 2016 15:46:04 +0200
To: bug-FCGI [...] rt.cpan.org
From: Florian Schlichting <fsfs [...] debian.org>
The version of libfcgi bundled with FCGI is apparently affected by CVE-2012-6687: Stack smashing while using a lot of connections In Debian we are currently applying the following patch to FCGI. We thought you might be interested in it too. Description: fix CVE-2012-6687 in bundled libfcgi Origin: https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815840 The patch is tracked in our Git repository at https://anonscm.debian.org/cgit/pkg-perl/packages/libfcgi-perl.git/plain/debian/patches/CVE-2012-6687.patch Thanks for considering, Florian Schlichting, Debian Perl Group

Message body is not shown because sender requested not to inline it.

  Sun Oct 16 14:18:00 2016 ether [...] cpan.org - Taken