FreeBSD Bugzilla – Bug 57391
CGI.pm in ports/lang/perl5* have a cross-site scripting vulneravility
Last modified: 2003-09-30 09:38:18 UTC
** THIS IS A REPOST OF PR bin/57323,
since I labelled wrong Category: line **
A cross-site scripting vulnerability is reported in CGI.pm.
All of the following are affected:
- 4.x base system's perl 5.005_03
- ports/japanese/perl5 (5.005_03 with Japanese patch)
- ports/lang/perl5 (5.6.1)
- ports/lang/perl5.8 (5.8.0)
I sent separate PRs for 4.x base system (PR bin/57321) and
Replace CGI.pm with a newer one, or install ports/www/p5-CGI.pm.
How-To-Repeat: See the exploit code at:
Over to maintainer
Sorry, I reposted this without checking that PRs bin/57322 and PR bin/57323
are renumbered as ports/57322 and ports/57323.
Therefore, PRs ports/57390 and ports/57391 are now just the duplicates.
Please close them and solve ports/57322 and ports/57323.
Fix committed, thanks!