Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of CGI.pm to...

author Reed Loden <reed@reedloden.com>

Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)

committer Reed Loden <reed@reedloden.com>

Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)
author Reed Loden <reed@reedloden.com>
Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)
committer Reed Loden <reed@reedloden.com>
Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)
diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm

index bb078e9b9f16739e8597e961336f43638c1cfc0e..8a7939afbb76a65aca31e154b74d3127e7f075ed 100644 (file)
--- a/Bugzilla/Install/Requirements.pm
+++ b/Bugzilla/Install/Requirements.pm
@@ -66,12 +66,9 @@ sub REQUIRED_MODULES {
      {
          package => 'CGI.pm',
          module  => 'CGI',
-        # Perl 5.10 requires CGI 3.33 due to a taint issue when
-        # uploading attachments, see bug 416382.
-        # Require CGI 3.21 for -httponly support, see bug 368502.
-        version => (vers_cmp($perl_ver, '5.10') > -1) ? '3.33' : '3.21',
-        # CGI::Carp in 3.46 and 3.47 breaks Template Toolkit
-        blacklist => ['^3\.46$', '^3\.47$'],
+        # 3.50 fixes a security problem that affects Bugzilla.
+        # (bug 591165)
+        version => '3.50',
      },
      {
          package => 'Digest-SHA',
author	Reed Loden <reed@reedloden.com>
	Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)
committer	Reed Loden <reed@reedloden.com>
	Thu, 11 Nov 2010 02:11:10 +0000 (18:11 -0800)