Package name
perl-Dancer
Date
2013-06-27
Advisory ID
MDVSA-2013:184
Affected versions
MBS1 x86_64

Problem description

Updated perl-Dancer package fixes CVE-2012-5572

A security flaw was found in the way Dancer.pm, lightweight yet
powerful web application framework / Perl language module, performed
sanitization of values to be used for cookie() and cookies() methods. A
remote attacker could use this flaw to inject arbitrary headers into
responses from (Perl) applications, that use Dancer.pm (CVE-2012-5572).

Updated packages

MBS1 x86_64

 a9aa8893552f648169e67c94708bfe46  mbs1/x86_64/perl-Dancer-1.311.500-1.mbs1.noarch.rpm 
 b2651f0545832029623d15f903135f7b  mbs1/SRPMS/perl-Dancer-1.311.500-1.mbs1.src.rpm

References