We have received a report from Tiago Luz Pinto that the eperl package
included in 2.0 misinterprets ISINDEX queries. This can lead to
arbitrary Perl code being executed on the server.
We recommend you upgrade your eperl package immediately.
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.0 alias hamm
-------------------------------
This version of Debian were released only for the Intel and the
Motorola 68xxx architecture.
Intel architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_i386.deb
MD5 checksum: 4393403a03aa1d1b7969d83501c092b8
Motorola 68xxx architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/eperl_2.2.14-0.2_m68k.deb
MD5 checksum: 9b914ca5f31bc4625d53643155a81f0f
These files will be moved into
ftp://ftp.debian.org/debian/dists/hamm/binary-$arch/ soon.
For other architectures please refer to the appropriate directory
ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--
Debian GNU/Linux . Security Managers . security@debian.org
debian-security-announce@lists.debian.org
Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>
Attachment:
pgpo7NiasGX41.pgp
Description: PGP signature