tag 644149 + lenny confirmed tag 644147 + squeeze confirmed thanks On Mon, 2011-10-03 at 12:29 +0200, Ansgar Burchardt wrote: > the last upstream release of libdigest-perl (1.17) contains a fix for an > unsafe use of eval[1]: the argument to Digest->new($algo) was not > checked properly allowing code injection (in case the value can be > changed by the attacker). Versions in both lenny and squeeze are > affected.
Please go ahead with both uploads; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1317760418.18800.4.ca...@hathi.jungle.funky-badger.org
