Re: libcgi-application-plugins-perl for lenny r1? (fwd)
Jaldhar H. Vyas wrote:
> I thought I had sent this out a couple of days ago but apparently not
> but in case you are seeing this twice, sorry. Oh and please Cc me on
> replies.
>
>> Bug #470890 reported that the CGI::Application::Plugin::ActionDispatch
>> perl module in libcgi-application-plugins-perl 0.10 from lenny
>> included Data::Dumper output which could potentially leak database
>> DSNs or other private information. Thus the bug submitter and I
>> decided it would be appropriate to change the severity to grave. The
>> problem does not exist in sid or squeeze which have newer versions or
>> in Etch which did not contain this module.
>>
>> I have prepared a fixed package which changes nothing except it
>> removes that
>> Data::Dumper call. I jumped the gun a little bit and uploaded
>> libcgi-application-plugins-perl_0.10+lenny1_i386.changes though I don't
>> seem to see it in incoming anymore. One thing about this package is
>> it contains tarballs within the source tarball so you can't just diff
>> it against the package in lenny. Sorry about that. But if you unpack
>> it you will see it it is the only thing I changed.
Ok, this should get in the first point release.
Cheers
Luk
Reply to: