From 3cd0d0cbeb06d6d39564f6d837bad276cfed55d4 Mon Sep 17 00:00:00 2001 From: Reed Loden Date: Wed, 10 Nov 2010 18:08:54 -0800 Subject: Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version of CGI.pm to v3.50 in order to address header injection vulnerability. [r=mkanat a=mkanat] --- Bugzilla/Install/Requirements.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm index 0589c1a0f..d2bc9328b 100644 --- a/Bugzilla/Install/Requirements.pm +++ b/Bugzilla/Install/Requirements.pm @@ -94,9 +94,9 @@ sub REQUIRED_MODULES { { package => 'CGI.pm', module => 'CGI', - # 3.49 fixes a problem with operating Bugzilla behind a proxy. - # (bug 509303) - version => '3.49', + # 3.50 fixes a security problem that affects Bugzilla. + # (bug 591165) + version => '3.50', }, { package => 'Digest-SHA', -- cgit v1.2.3-24-g4f1b