https://bugzilla.redhat.com/show_bug.cgi?id=1051110 --- Comment #10 from pjp <pj.pandit@xxxxxxxxxxx> --- Hello Petr, (In reply to Petr Pisar from comment #9) > Which would be utterly wrong. Because it is fixed in Fedora ≥ 21. How is it fixed in >= F21? Comment #c5 above says 'perl-PlRPC' package has been retired from F21 onwards; And perl-DBI has been fixed to not depend on it. -> http://pkgs.fedoraproject.org/cgit/perl-PlRPC.git/ -> https://admin.fedoraproject.org/pkgdb/package/perl-PlRPC/ There are no >= F21 branches for perl-PlRPC. > So WONTFIX does not apply here. Current state is more like NEXTRELEASE. > which changes on the December 9th when CURRENTRELEASE would appropriate. There is no 'perl-PlRPC' package in NEXTRELEASE. > Also because this is a security bug, you cannot close it as WONTFIX. You > have to keep it open until the latest supported Fedora release expires. That makes no sense. IMO, keeping a bug open knowing that it is not going to be fixed at all is wrong. Comment #4 above says ... there is no way how to fix this vulnerability, -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Pd3JW4upHc&a=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/perl-devel
