You are here
Home > Preporuke > Ranjivost programskog paketa perl-Data-Dumper

Ranjivost programskog paketa perl-Data-Dumper

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2014-09-25 09:35:23

Name : perl-Data-Dumper
Product : Fedora 20
Version : 2.154
Release : 1.fc20
Summary : Stringify perl data structures, suitable for printing and eval
Description :
Given a list of scalars or reference variables, writes out their contents
in perl syntax. The references can also be objects. The content of each
variable is output in a single Perl statement. Handles self-referential
structures correctly.

Update Information:

This release fixes CVE-2014-4330 (limit recursion when dumping deep data structures) and othe small glitches.

* Fri Sep 19 2014 Petr Pisar <> – 2.154-1
– 2.154 bump (fixes CVE-2014-4330 (limit recursion when dumping deep data
* Mon Mar 10 2014 Petr Pisar <> – 2.151-1
– 2.151 bump

[ 1 ] Bug #1139700 – CVE-2014-4330 perl-Data-Dumper: deep recursion stack overflow

This update can be installed with the “yum” update program. Use
su -c ‘yum update perl-Data-Dumper’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2014-09-0041-ADV
ID izvornikaFEDORA-2014-11453
More in Preporuke
Sigurnosni nedostaci programskog paketa libvncserver

Otkriveni su sigurnosni nedostaci u programskom paketu libvncserver za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...