Bug#606370: CVE-2010-2761 CVE-2010-4410 CVE-2010-4411
Adam D. Barratt
adam at adam-barratt.org.uk
Fri Jan 14 13:08:37 UTC 2011
On Fri, January 14, 2011 11:40, Niko Tyni wrote:
> While preparing the perl lenny upload I had a look at this. I see Gregor
> used my proposed patch from 27 Dec [1]; however I later noticed at least
> the doc addition in CGI.pm is wrong [2].
>
> Upstream is going to change the documentation back rather than change
> the behaviour [3], so I don't think we should be including this change.
>
> While at it, I'm pretty sure the //s change in the previous hunk is a
> no-op (because the earlier change makes sure there are no newlines in
> @other) and I'm not including it with the perl uploads. Eyeballs welcome
> of course.
>
> So I'd like permission to upload libcgi-pm-perl 3.38-2lenny3 as seen in
> the attachments - the first one is the debdiff against 3.38-2lenny2 in
> proposed-updates, the second one is against 3.38-2lenny1 in stable.
Yes, that would be okay; thanks.
Regards,
Adam
More information about the pkg-perl-maintainers
mailing list