commit 206c51685b651ad026a230ad323aa2029129f604
Author: Petr Písař <ppisar@xxxxxxxxxx>
Date: Fri Nov 16 09:34:34 2012 +0100
Bug #876974 is known as CVE-2012-5526
perl-CGI.spec | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
---
diff --git a/perl-CGI.spec b/perl-CGI.spec
index 3e5a320..dafa504 100644
--- a/perl-CGI.spec
+++ b/perl-CGI.spec
@@ -1,11 +1,11 @@
Name: perl-CGI
Summary: Handle Common Gateway Interface requests and responses
Version: 3.51
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPL+ or Artistic
Group: Development/Libraries
Source0: http://search.cpan.org/CPAN/authors/id/M/MA/MARKSTOS/CGI.pm-%{version}.tar.gz
-# RHBZ #876974
+# CVE-2012-5526, RHBZ #876974
Patch0: CGI-3.51-escape_new_lines_in_cookies.patch
URL: http://search.cpan.org/dist/CGI
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
@@ -75,6 +75,10 @@ rm -rf %{buildroot}
%{_mandir}/man3/*.3*
%changelog
+* Fri Nov 16 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 3.51-6
+- Improper new-line escaping in Set-Cookie and P3P headers is known as
+ CVE-2012-5526 (bug #876974)
+
* Thu Nov 15 2012 Petr Pisar <ppisar@xxxxxxxxxx> - 3.51-5
- Escape new-lines in Set-Cookie and P3P response headers properly (bug #876974)
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/perl-devel
