Reference proposed fix for CVE-2014-10401/libdbi-perl

author: Salvatore Bonaccorso <carnil@debian.org> 2020-10-06 22:18:19 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-10-06 22:18:19 +0200
commit: b9a1b3a4f1006c85ac4842691742775e1279c528 (patch)
tree: 38c28a9a915e353301705a2c6eea231aa6379f4b /data/CVE/list.2014
parent: 65243c1a1aa1aa3105fbf2f00c8e8ace1c6d2c5e (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2014 b/data/CVE/list.2014
index 3a787e9538..cad9f8cf55 100644
--- a/data/CVE/list.2014
+++ b/data/CVE/list.2014
@@ -7,6 +7,7 @@ CVE-2014-10401 (An issue was discovered in the DBI module before 1.632 for Perl.
 	- libdbi-perl 1.633-1
 	NOTE: https://github.com/perl5-dbi/dbi/commit/caedc0d7d602f5b2ae5efc1b00f39efeafb7b05a
 	NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=99508
+	NOTE: Proposed fix: https://github.com/perl5-dbi/dbi/pull/93
 CVE-2014-10400 (The session.lua library in CGILua 5.0.x uses sequential session IDs, w ...)
 	- lua-cgi <not-affected> (session generation changed in 5.1.x, cf. CVE-2014-10399)
 	NOTE: https://seclists.org/fulldisclosure/2014/Apr/318
author	Salvatore Bonaccorso <carnil@debian.org>	2020-10-06 22:18:19 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-10-06 22:18:19 +0200
commit	b9a1b3a4f1006c85ac4842691742775e1279c528 (patch)
tree	38c28a9a915e353301705a2c6eea231aa6379f4b /data/CVE/list.2014
parent	65243c1a1aa1aa3105fbf2f00c8e8ace1c6d2c5e (diff)