Security Information / 2011 / Security Information -- DSA-2221-1 libmojolicious-perl

Debian Security Advisory

DSA-2221-1 libmojolicious-perl -- directory traversal

Date Reported:

19 Apr 2011

Affected Packages:

libmojolicious-perl

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 622952.
In Mitre's CVE dictionary: CVE-2011-1589.

More information:

Viacheslav Tykhanovskyi discovered a directory traversal vulnerability in Mojolicious, a Perl Web Application Framework.

The oldstable distribution (lenny) doesn't contain libmojolicious-perl.

For the stable distribution (squeeze), this problem has been fixed in version 0.999926-1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 1.16-1.

We recommend that you upgrade your libmojolicious-perl packages.