|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2586-1 (perl - several vulnerabilities)|
|Summary:||Two vulnerabilities were discovered in the implementation of the Perl;programming language:;;CVE-2012-5195The x operator could cause the Perl interpreter to crash;if very long strings were created.;;CVE-2012-5526The CGI module does not properly escape LF characters;in the Set-Cookie and P3P headers.;;In addition, this update adds a warning to the Storable documentation;that this package is not suitable for deserializing untrusted data.|
Two vulnerabilities were discovered in the implementation of the Perl
CVE-2012-5195The x operator could cause the Perl interpreter to crash
if very long strings were created.
CVE-2012-5526The CGI module does not properly escape LF characters
in the Set-Cookie and P3P headers.
In addition, this update adds a warning to the Storable documentation
that this package is not suitable for deserializing untrusted data.
perl on Debian Linux
For the stable distribution (squeeze), these problems have been fixed in
For the unstable distribution (sid), these problems have been fixed in
We recommend that you upgrade your perl packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-5526|
BugTraq ID: 56562
Debian Security Information: DSA-2586 (Google Search)
RedHat Security Advisories: RHSA-2013:0685
XForce ISS Database: perl-cgipm-header-injection(80098)
Common Vulnerability Exposure (CVE) ID: CVE-2012-5195
BugTraq ID: 56287
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.