Source: libnetwork-ipv4addr-perl X-Debbugs-CC: [email protected] Severity: normal Tags: security
Hi, The following vulnerability was published for libnetwork-ipv4addr-perl. CVE-2021-47155[0]: | The Net::IPV4Addr module 0.10 for Perl does not properly consider | extraneous zero characters in an IP address string, which (in some | situations) allows attackers to bypass access control that is based | on IP addresses. https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/#net-ipv4addrhttpsmetacpanorgreleasenet-ipv4addr If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-47155 https://www.cve.org/CVERecord?id=CVE-2021-47155 Please adjust the affected versions in the BTS as needed.

