-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3958-1 [email protected] https://www.debian.org/lts/security/ Salvatore Bonaccorso November 19, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libmodule-scandeps-perl Version : 1.30-1+deb11u1 CVE ID : CVE-2024-10224 The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names. Details can be found in the Qualys advisory at https://www.qualys.com/2024/11/19/needrestart/needrestart.txt For Debian 11 bullseye, this problem has been fixed in version 1.30-1+deb11u1. We recommend that you upgrade your libmodule-scandeps-perl packages. For the detailed security status of libmodule-scandeps-perl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libmodule-scandeps-perl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmc8wDFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0SY3g/+LO1Q58f6syAhBMXE/8PzhoE9nz3FQ3Knc3Az7EBFbdWqSWkkbW4U+rmx K8IOx6wg9Wsy7dja/RzA84t9Uhz1sBbhg+ls7ffoxpA2zKM8lEBihgVZYqHV/Dxv c3txfVK10xibn/qrwH/AANS60X2cHCmbBG3YR92VojpcLS23mZPnIwjdTd9tXd7h LtORwLFURKfZa/G/126AWcGFb2q119Jg8McCPZx1CEidyIxSQlKfMGBXuj74WhqH LzpBjNkdBTGE9Yqz9ZoeplWYqJdDLxcVISzM9X1TL/6O6gd+ccJf62ltZcsquTfZ ulHFgtldfSEyOTePNmltBXhVhrE0aTqvbrhIw141CJHo5pBSy6KbrH15Xcij+5+c 56O1PaZJKcCgdTKuI8E6Y8v3QU8Bjv3+qXFrL6VbQkcBW43uffiz2VVQ41IEv8N7 Q4PTTUOmFL9Ps+1noGMrledyiniiWKgWiVFG35sTu6qBwWz8U6W40lpFtTVahwCJ mcq/KiRHv9OLABQor+q9cDefajfEwf5v6a90OuituBkIXTIuyLxRblbZeNQ4Zaeh vI2/LRSe7wBJR+bF1O4Cyy5fZF58pfe64g1A0DYu1pukzA3Jh0flAajxuj1TnHVD joF9cg2GAhoJ292CJbKeyYrCaKlagzCw2nnXAs2m+bwU4I3liKc= =kcFJ -----END PGP SIGNATURE-----
