Hi, It seems the security tracker is told that CVE-2011-4115 in package libparallel-forkmanager-perl is affecting squeeze/wheezy, but this is not true. Thing is, the problem with the insecure temporary files handling is introduced in version 0.7.6, and squeeze/wheezy ship 0.7.5. Later the problem is fixed in version 1.0.0 and instable has 1.02 (yes, version numbering scheme changed) and is ok. Some more information about the bug is available in upstream bug report at https://rt.cpan.org/Public/Bug/Display.html?id=68298 -- dam
Attachment:
signature.asc
Description: Digital signature