Updated perl-Dancer package fixes CVE-2012-5572
Publication date: 26 Jun 2013Modification date: 26 Jun 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2012-5572
Description
A security flaw was found in the way Dancer.pm, lightweight yet powerful web application framework / Perl language module, performed sanitization of values to be used for cookie() and cookies() methods. A remote attacker could use this flaw to inject arbitrary headers into responses from (Perl) applications, that use Dancer.pm (CVE-2012-5572).
References
SRPMS
2/core
- perl-Dancer-1.311.500-1.mga2
3/core
- perl-Dancer-1.311.500-1.mga3