perl-FCGI:0.78 security update
エラータID: AXSA:2025-10017:01
The perl-FCGI package provides a Perl module for writing FastCGI applications.
FastCGI is a more efficient alternative to traditional CGI, as it keeps
application processes persistent across multiple requests. This module allows
Perl web applications to handle requests faster and with lower resource
overhead, making it suitable for high-traffic environments.
Security Fix(es):
* perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable
version of the FastCGI fcgi2 (aka fcgi) library (CVE-2025-40907)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2025-40907
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the
FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by
CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer
overflow) via crafted nameLen or valueLen values in data to the IPC socket. This
occurs in ReadParams in fcgiapp.c.
Modularity name: "perl-FCGI"
Stream name: "0.78"
Update packages.
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
N/A
SRPMS
- perl-FCGI-0.78-12.module+el8+1885+d7384147.src.rpm
MD5: 7bef3a3dd7d68c8e0e5f6870385e260d
SHA-256: b71bf57b7c568c4a86c5fff6ce836958378c7f88a06be4607c4fd42019cbbb3c
Size: 106.33 kB
Asianux Server 8 for x86_64
- perl-FCGI-0.78-12.module+el8+1885+d7384147.x86_64.rpm
MD5: d14dcaecfc260567fe65de7672823083
SHA-256: 89db93c533a4919f217923a1755b7b7392748d242c5f16880ede6bdc0068869a
Size: 48.29 kB - perl-FCGI-debugsource-0.78-12.module+el8+1885+d7384147.x86_64.rpm
MD5: 4dc42783f5e5a9496f1710f8f004fd8b
SHA-256: 927d94e09a6bc7e7146ad186b857e607a3ded351818a3cd56c48e6e093880019
Size: 43.54 kB