Fedora 16 Update: perl-Dancer-1.3071-1.fc16

Sun Aug 28 05:22:26 UTC 2011

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-10634
2011-08-10 20:42:37
--------------------------------------------------------------------------------

Name        : perl-Dancer
Product     : Fedora 16
Version     : 1.3071
Release     : 1.fc16
URL         : http://search.cpan.org/dist/Dancer/
Summary     : Lightweight yet powerful web application framework
Description :
Dancer is a web application framework designed to be as effortless as
possible for the developer, taking care of the boring bits as easily as
possible, yet staying out of your way and letting you get on with writing
your code.

--------------------------------------------------------------------------------
Update Information:

1.3071     26.07.2011
    ** Security release based on 1.3070 **
    [ SECURITY ]
    * FIX directory traversal issue
      Since 1.3070, it was possible to abuse the static file serving feature to
      obtain files from a directory immediately above the directory configured to
      serve static files from.

Full log at:

http://cpansearch.perl.org/src/SUKRIA/Dancer-1.3071/CHANGES
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #729504 - perl-Dancer: please update to version 1.3071
        https://bugzilla.redhat.com/show_bug.cgi?id=729504
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update perl-Dancer' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------