Subject: | [PATCH] fix CVE-2012-6687 in bundled libfcgi |
Date: | Sun, 16 Oct 2016 15:46:04 +0200 |
To: | bug-FCGI [...] rt.cpan.org |
From: | Florian Schlichting <fsfs [...] debian.org> |
The version of libfcgi bundled with FCGI is apparently affected by
CVE-2012-6687: Stack smashing while using a lot of connections
In Debian we are currently applying the following patch to FCGI.
We thought you might be interested in it too.
Description: fix CVE-2012-6687 in bundled libfcgi
Origin: https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815840
The patch is tracked in our Git repository at
https://anonscm.debian.org/cgit/pkg-perl/packages/libfcgi-perl.git/plain/debian/patches/CVE-2012-6687.patch
Thanks for considering,
Florian Schlichting,
Debian Perl Group
Message body is not shown because sender requested not to inline it.