[SECURITY] Fedora 19 Update: perl-Dancer-1.3111-3.fc19
updates at fedoraproject.org
updates at fedoraproject.org
Wed Jun 12 03:36:47 UTC 2013
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-9918
2013-06-03 14:26:20
--------------------------------------------------------------------------------
Name : perl-Dancer
Product : Fedora 19
Version : 1.3111
Release : 3.fc19
URL : http://search.cpan.org/dist/Dancer/
Summary : Lightweight yet powerful web application framework
Description :
Dancer is a web application framework designed to be as effortless as
possible for the developer, taking care of the boring bits as easily as
possible, yet staying out of your way and letting you get on with writing
your code.
--------------------------------------------------------------------------------
Update Information:
This release fixes CR-LF injection into Cookie HTTP header (CVE-2012-5572).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #880329 - CVE-2012-5572 perl-Dancer: Newline injection due to improper CRLF escaping in cookie() and cookies() methods
https://bugzilla.redhat.com/show_bug.cgi?id=880329
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-Dancer' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list