Bug 591215 (CVE-2010-3438)
Summary: | CVE-2010-3438 perl-POE-Component-IRC: arbitrary IRC command execution due to insufficient stripping of CR/LF | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | cweyl, iarnell, perl-devel |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-12-17 06:08:44 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 591216, 594464 | ||
Bug Blocks: |
Description
Vincent Danen
2010-05-11 16:50:50 UTC
Created perl-POE-Component-IRC tracking bugs for this issue Affects: fedora-all [bug 591216] perl-POE-Component-IRC-6.14-2.fc13.1 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/perl-POE-Component-IRC-6.14-2.fc13.1 perl-POE-Component-IRC-6.14-1.fc12.1 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/perl-POE-Component-IRC-6.14-1.fc12.1 perl-POE-Component-IRC-6.14-1.fc12.1 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. perl-POE-Component-IRC-6.14-2.fc13.1 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. This is fixed in all supported versions of Fedora. *** Bug 663801 has been marked as a duplicate of this bug. *** This is CVE-2010-3438. |