[ MDVSA-2014:199 ] perl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:199
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : perl
 Date    : October 21, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated perl and perl-Data-Dumper packages fixes security
 vulnerability:
 
 The Dumper method in Data::Dumper before 2.154, allows
 context-dependent attackers to cause a denial of service (stack
 consumption and crash) via an Array-Reference with many nested
 Array-References, which triggers a large number of recursive calls
 to the DD_dump function (CVE-2014-4330).
 
 The Data::Dumper module bundled with perl and the perl-Data-Dumper
 packages has been updated to fix this issue.
 ________________________________________________

007 Software

[ MDVSA-2014:199 ] perl

Leave a Reply Cancel reply

Software and Security Information