You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl-cvs@perl.apache.org by ge...@apache.org on 2007/03/23 16:48:03 UTC

svn commit: r521778 - /perl/modperl/branches/1.x/Changes

Author: geoff
Date: Fri Mar 23 08:48:02 2007
New Revision: 521778

URL: http://svn.apache.org/viewvc?view=rev&rev=521778
Log:
add in cve security reference

Modified:
    perl/modperl/branches/1.x/Changes

Modified: perl/modperl/branches/1.x/Changes
URL: http://svn.apache.org/viewvc/perl/modperl/branches/1.x/Changes?view=diff&rev=521778&r1=521777&r2=521778
==============================================================================
--- perl/modperl/branches/1.x/Changes (original)
+++ perl/modperl/branches/1.x/Changes Fri Mar 23 08:48:02 2007
@@ -10,7 +10,10 @@
 
 =item 1.30_01-dev
 
-fix unescaped variable interpolation in regular expression
+SECURITY: CVE-2007-1349 (cve.mitre.org)
+fix unescaped variable interpolation in Apache::PerlRun
+regular expression to prevent regex engine tampering.
+reported by Alex Solovey
 [Randal L. Schwartz <me...@stonehenge.com>, Fred Moyer <fr...@redhotpenguin.com>]
 
 Pull in the new Apache-SizeLimit from