| Package | libmodule-scandeps-perl |
|---|---|
| Version | 1.16-1+deb8u1 (jessie), 1.23-1+deb9u1 (stretch), 1.27-1+deb10u1 (buster) |
| Related CVEs | CVE-2024-10224 |
The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.
Details can be found in the Qualys advisory at https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
For Debian 10 buster, these problems have been fixed in version 1.27-1+deb10u1.
For Debian 8 jessie, these problems have been fixed in version 1.16-1+deb8u1.
For Debian 9 stretch, these problems have been fixed in version 1.23-1+deb9u1.
We recommend that you upgrade your libmodule-scandeps-perl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.