diff options
author | lpsolit%gmail.com <> | 2008-04-08 18:07:23 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2008-04-08 18:07:23 +0200 |
commit | 1f2af64c1fb0d1a45d932c5708d0c53f03c89278 (patch) | |
tree | 9c19c3e718b86ab6ffe697ff1594482b804463ea | |
parent | d7b151f21a9d8faea0a34b7a8b73115c54475840 (diff) | |
download | bugzilla-1f2af64c1fb0d1a45d932c5708d0c53f03c89278.tar.gz bugzilla-1f2af64c1fb0d1a45d932c5708d0c53f03c89278.tar.xz |
Bug 416382: Adding an attachment with Perl 5.10 and CGI.pm < 3.33 throws a taint error - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
-rw-r--r-- | Bugzilla/Install/Requirements.pm | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm index 558db88e2..0bfa9ec87 100644 --- a/Bugzilla/Install/Requirements.pm +++ b/Bugzilla/Install/Requirements.pm @@ -54,11 +54,14 @@ use Bugzilla::Constants; # are 'blacklisted'--that is, even if the version is high enough, Bugzilla # will refuse to say that it's OK to run with that version. sub REQUIRED_MODULES { + my $perl_ver = sprintf('%vd', $^V); my @modules = ( { package => 'CGI', module => 'CGI', - version => '2.93' + # Perl 5.10 requires CGI 3.33 due to a taint issue when + # uploading attachments, see bug 416382. + version => (vers_cmp($perl_ver, '5.10') > -1) ? '3.33' : '2.93' }, { package => 'TimeDate', @@ -222,16 +225,20 @@ sub OPTIONAL_MODULES { version => '1.999022', feature => 'mod_perl' }, + ); + # Even very new releases of perl (5.8.5) don't come with this version, # so I didn't want to make it a general requirement just for # running under mod_cgi. - { - package => 'CGI', - module => 'CGI', - version => '3.11', - feature => 'mod_perl' - }, - ); + # If Perl 5.10 is installed, then CGI 3.33 is already required. So this + # check is only relevant with Perl 5.8.x. + my $perl_ver = sprintf('%vd', $^V); + if (vers_cmp($perl_ver, '5.10') < 0) { + push(@modules, { package => 'CGI', + module => 'CGI', + version => '3.11', + feature => 'mod_perl' }); + } my $all_modules = _get_extension_requirements( 'OPTIONAL_MODULES', \@modules); |