Bug#754834: squeeze-pu: package libdbi-perl/1.612-1+deb6u1
Control: tags -1 + confirmed
On Mon, 2014-07-14 at 22:14 +0200, Salvatore Bonaccorso wrote:
> This is the corresponding proposed update for libdbi-perl as for
> wheezy, see [1], in case I'm still in time for squeeze-pu. Attached is
> proposed debdiff for squeeze. libplrpc-perl was removed from the
> archive for unstable[1] as it uses Storable in an unsafe way, leading
> to a remote code execution vulnerability. The idea is to also drop
> libplrpc-perl from squeeze. As first step again the dependency needs
> to be removed from libdbi-perl.
>
> [1] https://bugs.debian.org/751527
As mentioned on IRC, I think we should get this sorted for Squeeze,
despite being after the window officially closed. Please go ahead;
thanks.
I'll clone the libplrpc-perl wheezy bug for squeeze.
Regards,
Adam
Reply to: