oss-sec mailing list archives
CVE Request: remote command-injection flaw in HTTP::Body::Multipart versions 1.08 and later
From: Murray McAllister <mmcallis () redhat com>
Date: Tue, 08 Oct 2013 12:27:44 +1100
Good morning,A remote command-injection flaw was reported in HTTP::Body::Multipart versions 1.08 and later:
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634 - https://rt.cpan.org/Public/Bug/Display.html?id=88342 - https://bugzilla.redhat.com/show_bug.cgi?id=1005669 The affected code is noted in the Debian bug report. Could a CVE please be assigned if one has not been already? Thanks, -- Murray McAllister / Red Hat Security Response Team
Current thread:
- CVE Request: remote command-injection flaw in HTTP::Body::Multipart versions 1.08 and later Murray McAllister (Oct 07)