[perl-CGI/f16] 3.52 bump to fix CVE-2012-5526
Petr Pisar
ppisar at fedoraproject.org
Mon Nov 26 14:31:35 UTC 2012
commit 2e05079f215ab2f2c3a9d804461f780c8274a728
Author: Petr Písař <ppisar at redhat.com>
Date: Mon Nov 26 15:02:09 2012 +0100
3.52 bump to fix CVE-2012-5526
.gitignore | 1 +
...n_cookies.patch => CGI-3.51-CVE-2012-5526.patch | 0
perl-CGI.spec | 11 ++++++++---
sources | 2 +-
4 files changed, 10 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 879a835..3db305c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
/CGI.pm-3.50.tar.gz
/CGI.pm-3.51.tar.gz
+/CGI.pm-3.52.tar.gz
diff --git a/CGI-3.51-escape_new_lines_in_cookies.patch b/CGI-3.51-CVE-2012-5526.patch
similarity index 100%
rename from CGI-3.51-escape_new_lines_in_cookies.patch
rename to CGI-3.51-CVE-2012-5526.patch
diff --git a/perl-CGI.spec b/perl-CGI.spec
index dafa504..e4e079e 100644
--- a/perl-CGI.spec
+++ b/perl-CGI.spec
@@ -1,12 +1,12 @@
Name: perl-CGI
Summary: Handle Common Gateway Interface requests and responses
-Version: 3.51
-Release: 6%{?dist}
+Version: 3.52
+Release: 203%{?dist}
License: GPL+ or Artistic
Group: Development/Libraries
Source0: http://search.cpan.org/CPAN/authors/id/M/MA/MARKSTOS/CGI.pm-%{version}.tar.gz
# CVE-2012-5526, RHBZ #876974
-Patch0: CGI-3.51-escape_new_lines_in_cookies.patch
+Patch0: CGI-3.51-CVE-2012-5526.patch
URL: http://search.cpan.org/dist/CGI
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
BuildArch: noarch
@@ -75,6 +75,11 @@ rm -rf %{buildroot}
%{_mandir}/man3/*.3*
%changelog
+* Mon Nov 26 2012 Petr Pisar <ppisar at redhat.com> - 3.52-203
+- 3.52 bump
+- Fix CVE-2012-5526 (escape new-lines in Set-Cookie and P3P response headers
+ properly (bug #876974)
+
* Fri Nov 16 2012 Petr Pisar <ppisar at redhat.com> - 3.51-6
- Improper new-line escaping in Set-Cookie and P3P headers is known as
CVE-2012-5526 (bug #876974)
diff --git a/sources b/sources
index 3fbe366..d83777a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-53534654f745a1388bbda477022cf971 CGI.pm-3.51.tar.gz
+6ec43c8777713175e71ad9b19598899f CGI.pm-3.52.tar.gz
More information about the scm-commits
mailing list