summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorReed Loden <reed@reedloden.com>2010-11-11 03:08:54 +0100
committerReed Loden <reed@reedloden.com>2010-11-11 03:08:54 +0100
commit3cd0d0cbeb06d6d39564f6d837bad276cfed55d4 (patch)
treeaafd53b9477bc05d37fda7171398dbcfdde224b4
parentc24a113a529fe83c35112d785c52c6392a8e074a (diff)
downloadbugzilla-3cd0d0cbeb06d6d39564f6d837bad276cfed55d4.tar.gz
bugzilla-3cd0d0cbeb06d6d39564f6d837bad276cfed55d4.tar.xz
Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of CGI.pm to v3.50 in order to address header injection vulnerability.
[r=mkanat a=mkanat]
-rw-r--r--Bugzilla/Install/Requirements.pm6
1 files changed, 3 insertions, 3 deletions
diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm
index 0589c1a0f..d2bc9328b 100644
--- a/Bugzilla/Install/Requirements.pm
+++ b/Bugzilla/Install/Requirements.pm
@@ -94,9 +94,9 @@ sub REQUIRED_MODULES {
{
package => 'CGI.pm',
module => 'CGI',
- # 3.49 fixes a problem with operating Bugzilla behind a proxy.
- # (bug 509303)
- version => '3.49',
+ # 3.50 fixes a security problem that affects Bugzilla.
+ # (bug 591165)
+ version => '3.50',
},
{
package => 'Digest-SHA',