![[LWN Logo]](/images/lwn.banner.gif)
Date: Thu, 27 Aug 1998 23:28:43 +0200
From: Martin Schulze <joey@kuolema.Infodrom.North.DE>
To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: [SECURITY] New versions of eperl fixes security drift
--a8Wt8u1KmwUX3Y2C
Content-Type: text/plain; charset=us-ascii
We have received a report from Tiago Luz Pinto that the eperl package
included in 2.0 misinterprets ISINDEX queries. This can lead to
arbitrary Perl code being executed on the server.
We recommend you upgrade your eperl package immediately.
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.0 alias hamm
-------------------------------
This version of Debian were released only for the Intel and the
Motorola 68xxx architecture.
Intel architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_i386.deb
MD5 checksum: 4393403a03aa1d1b7969d83501c092b8
Motorola 68xxx architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_m68k.deb
MD5 checksum: 9b914ca5f31bc4625d53643155a81f0f
These files will be moved into
ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon.
For other architectures please refer to the appropriate directory
ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--
Debian GNU/Linux . Security Managers . security@debian.org
debian-security-announce@lists.debian.org
Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>
--a8Wt8u1KmwUX3Y2C
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
iQCUAwUBNeXPixRNm5Suj3z1AQEgbgP4vosjRjIN3dmgwzFUZSIfCe9TXaI8IP+i
mymI2QzCYE1ELSDvB6gSecdQQ6JbvcnVbOS9m0eZOV2GyteuU8xIc0NTqAh0MCtd
GeMA1yvBLS42kaILlGlH/okVCJvaqQqLyohLSHf+t4aYuP95KYMtTPRBvRrJQdpu
4Aolvsqoqg==
=AR67
-----END PGP SIGNATURE-----
--a8Wt8u1KmwUX3Y2C--
--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org