|Description||Format string vulnerability in the log function in Net::Server 0.87 ...|
|Source||CVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, more)|
The table below lists information on source packages.
The information above is based on the following data on fixed versions.
|Package||Type||Release||Fixed Version||Urgency||Origin||Debian Bugs|
Net::Server was already fixed in 0.87-1, although the changelog doesn't mention the security implication, which was noticed later. I've verified both fixes are identical but DSA-1122 thinks it was fixed in 0.89-1, so mark that version to make scripts happy (at time of writing, 0.90-1 is in testing)
Home - Testing Security Team - Debian Security - Source (SVN)