From 3cd0d0cbeb06d6d39564f6d837bad276cfed55d4 Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Wed, 10 Nov 2010 18:08:54 -0800
Subject: Bug 591165: (CVE-2010-2761) [SECURITY] Bump minimum required version
 of CGI.pm to v3.50 in order to address header injection vulnerability.
 [r=mkanat a=mkanat]

---
 Bugzilla/Install/Requirements.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'Bugzilla/Install/Requirements.pm')

diff --git a/Bugzilla/Install/Requirements.pm b/Bugzilla/Install/Requirements.pm
index 0589c1a0f..d2bc9328b 100644
--- a/Bugzilla/Install/Requirements.pm
+++ b/Bugzilla/Install/Requirements.pm
@@ -94,9 +94,9 @@ sub REQUIRED_MODULES {
     {
         package => 'CGI.pm',
         module  => 'CGI',
-        # 3.49 fixes a problem with operating Bugzilla behind a proxy.
-        # (bug 509303)
-        version => '3.49',
+        # 3.50 fixes a security problem that affects Bugzilla.
+        # (bug 591165)
+        version => '3.50',
     },
     {
         package => 'Digest-SHA',
-- 
cgit v1.2.3-24-g4f1b