Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked

Serious vulnerability in Spreadsheet::ParseExcel (SOLVED)

by Cody Fendant (Hermit)
on Jan 03, 2024 at 19:51 UTC ( [id://11156659] : perlnews . print w/replies, xml ) Need Help??

A serious vulnerability in Spreadsheet::ParseExcel has been announced.

“This library is used by the Amavis virus scanner that runs on Barracuda ESG appliances. An attacker can trigger the vulnerability to execute arbitrary code on vulnerable ESG appliances through parameter injection.”

No mention of specific version numbers or of response from the Perl community in any way. What would we expect to happen in a situation like this?

  • Comment on Serious vulnerability in Spreadsheet::ParseExcel (SOLVED)

Replies are listed 'Best First'.
Re: Serious vulnerability in Spreadsheet::ParseExcel
by pryrt (Abbot) on Jan 03, 2024 at 19:59 UTC

      Thanks! My fault for not checking.

      It would be good if there was an update to stories about the problem mentioning that.

        Please edit the root post and add (SOLVED) to the title to avoid unnecessary panic.

        Cheers Rolf
        (addicted to the Perl Programming Language :)
        see Wikisyntax for the Monastery