Advisories » MGASA-2017-0146

Updated perl-CGI-Emulate-PSGI packages fix security vulnerability

Publication date: 26 May 2017
Modification date: 26 May 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5387

Description

This update removes the setting of the HTTP_PROXY environment value. This
works around the httproxy vulnerability (aka CVE-2016-5387)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19168
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387

SRPMS

5/core

• perl-CGI-Emulate-PSGI-0.200.0-5.1.mga5