Package: perl Version: 5.10.0-19 Severity: grave Tags: security Justification: user security hole
A security vulnverability was found in Compress::Raw::Zlib: Compress::Raw::Zlib versions before 2.017 contain a buffer overflow in inflate(). A badly formed zlib-stream can trigger this buffer overflow and cause the perl process at least to hang or to crash. This causes a remote DoS in amavisd-new. The perl package in lenny and sid contains Compress::Raw::Zlib 2.008. There is also a separate package libcompress-raw-zlib-perl More information can be found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1391 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
