Date: Thu, 27 Aug 1998 23:28:43 +0200 From: Martin Schulze <joey@kuolema.Infodrom.North.DE> To: Debian Security Announcements <debian-security-announce@lists.debian.org> Subject: [SECURITY] New versions of eperl fixes security drift --a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii We have received a report from Tiago Luz Pinto that the eperl package included in 2.0 misinterprets ISINDEX queries. This can lead to arbitrary Perl code being executed on the server. We recommend you upgrade your eperl package immediately. dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- This version of Debian were released only for the Intel and the Motorola 68xxx architecture. Intel architecture: ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_i386.deb MD5 checksum: 4393403a03aa1d1b7969d83501c092b8 Motorola 68xxx architecture: ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_m68k.deb MD5 checksum: 9b914ca5f31bc4625d53643155a81f0f These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon. For other architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . -- Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org> --a8Wt8u1KmwUX3Y2C Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCUAwUBNeXPixRNm5Suj3z1AQEgbgP4vosjRjIN3dmgwzFUZSIfCe9TXaI8IP+i mymI2QzCYE1ELSDvB6gSecdQQ6JbvcnVbOS9m0eZOV2GyteuU8xIc0NTqAh0MCtd GeMA1yvBLS42kaILlGlH/okVCJvaqQqLyohLSHf+t4aYuP95KYMtTPRBvRrJQdpu 4Aolvsqoqg== =AR67 -----END PGP SIGNATURE----- --a8Wt8u1KmwUX3Y2C-- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org