[Bug 1128979] perl-Plack: trailing slashes removed leading to source code disclosure [fedora-all]
bugzilla at redhat.com
bugzilla at redhat.com
Wed Aug 13 13:57:51 UTC 2014
https://bugzilla.redhat.com/show_bug.cgi?id=1128979
--- Comment #9 from Ralf Corsepius <rc040203 at freenet.de> ---
(In reply to Emmanuel Seyman from comment #8)
> (In reply to Ralf Corsepius from comment #7)
> >
> > No, it's an upstream requirement. Plack-1.0031 requires
> > perl(File::ShareDir::Install) >= 0.06
>
> Fixing this bug does not require updating perl-Plack to 1.0031. You can stay
> on 1.0030 and apply the patch that fixes the vulnerability.
Why should I? Just to push an update, which would be obsoleted at the time it
is released?
Let's take this thread to an end. I'll further on disgard it and further CVEs.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=1zEUabq7aF&a=cc_unsubscribe
More information about the perl-devel
mailing list