https://bugzilla.redhat.com/show_bug.cgi?id=870407
Bug ID: 870407
Keywords: Security, SecurityTracking
Blocks: 870406
(CVE-2012-4730,CVE-2012-4732,CVE-2012-4734,CVE-2012-47
35,CVE-2012-4884)
QA Contact: extras-qa(a)fedoraproject.org
Severity: medium
Version: 17
Priority: medium
CC: mmahut(a)redhat.com, perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de, tremble(a)tremble.org.uk,
xavier(a)bachelot.org
Assignee: rc040203(a)freenet.de
Summary: CVE-2012-4730 CVE-2012-4732 CVE-2012-4734
CVE-2012-4735 CVE-2012-4884 rt3: Multiple flaws fixed
in upstream 3.8.15 version [fedora-all]
Regression: ---
Story Points: ---
Classification: Fedora
OS: Linux
Reporter: jlieskov(a)redhat.com
Type: ---
Documentation: ---
Hardware: All
Mount Type: ---
Status: NEW
Component: rt3
Product: Fedora
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
You are receiving this mail because:
You are on the CC list for the bug.
Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=876974
Bug ID: 876974
Summary: CGI::header() does not escape new lines in cookie
value
Product: Fedora
Version: 17
Component: perl-CGI
Severity: high
Priority: unspecified
Reporter: ppisar(a)redhat.com
Type: Bug
$ cat test
#!/usr/bin/perl
use strict;
use warnings;
use CGI qw/header/;
print header(
-cookie => [ "foo\nbar\nbaz", ],
-p3p => [ "foo\nbar\nbaz", ],
);
$ ./test
P3P: policyref="/w3c/p3p.xml", CP="foo
bar
baz"
Set-Cookie: foo
bar
baz
Date: Thu, 15 Nov 2012 12:23:39 GMT
Content-Type: text/html; charset=ISO-8859-1
Fixed in upstream CGI-3.63.
F<19 are affected.
--
You are receiving this mail because:
You are on the CC list for the bug.
Product: Fedora EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=877913
Bug ID: 877913
Summary: Upgrade to new upstream version
Product: Fedora EPEL
Version: el6
Component: perl-Config-Validator
Severity: unspecified
Priority: unspecified
Reporter: lionel.cons(a)cern.ch
Type: Bug
The latest version of Config-Validator on CPAN is now 0.6.
This is the version to use everywhere. Please upgrade in EPEL.
--
You are receiving this mail because:
You are on the CC list for the bug.
Product: Fedora EPEL
https://bugzilla.redhat.com/show_bug.cgi?id=877951
Bug ID: 877951
Summary: Upgrade to new upstream version
Product: Fedora EPEL
Version: el6
Component: perl-Directory-Queue
Severity: unspecified
Priority: unspecified
Reporter: lionel.cons(a)cern.ch
Type: Bug
The latest version of Directory::Queue on CPAN is now 1.7.
This is the version to use everywhere. Please upgrade in EPEL.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=868495
Bug ID: 868495
Keywords: FutureFeature, Triaged
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: mmaslano(a)redhat.com,
perl-devel(a)lists.fedoraproject.org,
psabata(a)redhat.com, robinlee.sysu(a)gmail.com
Assignee: robinlee.sysu(a)gmail.com
Summary: perl-Hash-MultiValue-0.13 is available
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: upstream-release-monitoring(a)fedoraproject.org
Type: ---
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: perl-Hash-MultiValue
Product: Fedora
Latest upstream release: 0.13
Current version in Fedora Rawhide: 0.12
URL: http://search.cpan.org/dist/Hash-MultiValue/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=866878
Bug ID: 866878
Keywords: FutureFeature, Triaged
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: jdunn(a)aquezada.com, perl-devel(a)lists.fedoraproject.org
Assignee: jdunn(a)aquezada.com
Summary: perl-Net-Twitter-3.18004 is available
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: upstream-release-monitoring(a)fedoraproject.org
Type: ---
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: perl-Net-Twitter
Product: Fedora
Latest upstream release: 3.18004
Current version in Fedora Rawhide: 3.18003
URL: http://search.cpan.org/dist/Net-Twitter/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=869529
Bug ID: 869529
Keywords: FutureFeature, Triaged
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: perl-devel(a)lists.fedoraproject.org,
robinlee.sysu(a)gmail.com
Assignee: robinlee.sysu(a)gmail.com
Summary: perl-Net-Dropbox-API-1.9 is available
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: upstream-release-monitoring(a)fedoraproject.org
Type: ---
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: perl-Net-Dropbox-API
Product: Fedora
Latest upstream release: 1.9
Current version in Fedora Rawhide: 1.8
URL: http://search.cpan.org/dist/Net-Dropbox-API/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=832644
Bug ID: 832644
Keywords: FutureFeature, Triaged
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: hobbes1069(a)gmail.com, orion(a)cora.nwra.com,
perl-devel(a)lists.fedoraproject.org
Assignee: hobbes1069(a)gmail.com
Summary: abi-compliance-checker-1.98.0 is available
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: upstream-release-monitoring(a)fedoraproject.org
Type: ---
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: abi-compliance-checker
Product: Fedora
Latest upstream release: 1.98.0
Current version in Fedora Rawhide: 1.97.8
URL: http://ispras.linuxbase.org/index.php/ABI_compliance_checker_Downloads
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
--
You are receiving this mail because:
You are on the CC list for the bug.