Reference proposed fix for CVE-2014-10401/libdbi-perl

author: Salvatore Bonaccorso <carnil@debian.org> 2020-10-06 22:18:19 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-10-06 22:18:19 +0200
commit: 7bfc994f286673a696801f217b3e9a77e39088a4 (patch)
tree: 9c343c5bd66ebf97036464627a7b53f7e850d899 /data/CVE/2014.list
parent: 8a09ee0c22a03216caa752c05e78a611261c55f7 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 3a787e9538..cad9f8cf55 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -7,6 +7,7 @@ CVE-2014-10401 (An issue was discovered in the DBI module before 1.632 for Perl.
 	- libdbi-perl 1.633-1
 	NOTE: https://github.com/perl5-dbi/dbi/commit/caedc0d7d602f5b2ae5efc1b00f39efeafb7b05a
 	NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=99508
+	NOTE: Proposed fix: https://github.com/perl5-dbi/dbi/pull/93
 CVE-2014-10400 (The session.lua library in CGILua 5.0.x uses sequential session IDs, w ...)
 	- lua-cgi <not-affected> (session generation changed in 5.1.x, cf. CVE-2014-10399)
 	NOTE: https://seclists.org/fulldisclosure/2014/Apr/318
author	Salvatore Bonaccorso <carnil@debian.org>	2020-10-06 22:18:19 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-10-06 22:18:19 +0200
commit	7bfc994f286673a696801f217b3e9a77e39088a4 (patch)
tree	9c343c5bd66ebf97036464627a7b53f7e850d899 /data/CVE/2014.list
parent	8a09ee0c22a03216caa752c05e78a611261c55f7 (diff)