Skip Menu |
 

This queue is for tickets about the FCGI CPAN distribution.

Report information
The Basics
Id: 118405
Status: new
Priority: 0/
Queue: FCGI

People
Owner: ether [...] cpan.org
Requestors: fsfs [...] debian.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: [PATCH] fix CVE-2012-6687 in bundled libfcgi
Date: Sun, 16 Oct 2016 15:46:04 +0200
To: bug-FCGI [...] rt.cpan.org
From: Florian Schlichting <fsfs [...] debian.org>
Download (untitled) / with headers
text/plain 657b
The version of libfcgi bundled with FCGI is apparently affected by CVE-2012-6687: Stack smashing while using a lot of connections In Debian we are currently applying the following patch to FCGI. We thought you might be interested in it too. Description: fix CVE-2012-6687 in bundled libfcgi Origin: https://bugs.launchpad.net/ubuntu/+source/libfcgi/+bug/933417 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815840 The patch is tracked in our Git repository at https://anonscm.debian.org/cgit/pkg-perl/packages/libfcgi-perl.git/plain/debian/patches/CVE-2012-6687.patch Thanks for considering, Florian Schlichting, Debian Perl Group
Download CVE-2012-6687.patch
text/x-diff 2.3k

Message body is not shown because sender requested not to inline it.



This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.