Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="perl">
  <packager>lijews</packager>
  <issue tracker="cve" id="CVE-2012-5526"></issue>
  <issue tracker="cve" id="CVE-2013-1667"></issue>
  <issue tracker="cve" id="CVE-2012-6329"></issue>
  <issue tracker="bnc" id="789994">VUL-1: CVE-2012-5526: perl: Newline injection due to improper CRLF escaping in Set-Cookie and P3P headers</issue>
  <issue tracker="bnc" id="797060">VUL-1: perl: CVE-2012-6329: missing input sanitation</issue>
  <issue tracker="bnc" id="804415">VUL-0: CVE-2013-1667: perl: Denial of Service (CPU consumption) via specially-crafted, user-supplied hash keys</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>update for perl</summary>
  <description>Perl was updated to fix 3 security issues:

- fix rehash denial of service (compute time) [bnc#804415] [CVE-2013-1667]
- improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
- sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329]</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places