Mandriva Update For Perl-CGI MDVSA-2010:237 (perl-CGI) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla (these two security bugs where first discovered as affecting Bugzilla, then identified as being bugs in CGI.pm itself). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp products_id=490 The updated packages have been upgraded to perl-CGI 3.50 to solve these security issues.

Affected

perl-CGI on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64

Severity

Classification

CVE CVE-2010-2761, CVE-2010-4410

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:172 (dhcp)
Mandrake Security Advisory MDVSA-2009:170 (initscripts)
Mandrake Security Advisory MDVSA-2009:038 (blender)
Mandrake Security Advisory MDVSA-2009:033 (sudo)
Mandrake Security Advisory MDVSA-2009:193 (ruby)

Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)

Take action and discover your vulnerabilities