tag 644149 + pending tag 644147 + pending thanks On Tue, 2011-10-04 at 21:33 +0100, Adam D. Barratt wrote: > On Mon, 2011-10-03 at 12:29 +0200, Ansgar Burchardt wrote: > > the last upstream release of libdigest-perl (1.17) contains a fix for an > > unsafe use of eval[1]: the argument to Digest->new($algo) was not > > checked properly allowing code injection (in case the value can be > > changed by the attacker). Versions in both lenny and squeeze are > > affected. > > Please go ahead with both uploads; thanks.
For the record, both uploads have now been accepted; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1318362252.25039.21.ca...@hathi.jungle.funky-badger.org
