You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl-cvs@perl.apache.org by ge...@apache.org on 2007/03/23 16:48:03 UTC
svn commit: r521778 - /perl/modperl/branches/1.x/Changes
Author: geoff
Date: Fri Mar 23 08:48:02 2007
New Revision: 521778
URL: http://svn.apache.org/viewvc?view=rev&rev=521778
Log:
add in cve security reference
Modified:
perl/modperl/branches/1.x/Changes
Modified: perl/modperl/branches/1.x/Changes
URL: http://svn.apache.org/viewvc/perl/modperl/branches/1.x/Changes?view=diff&rev=521778&r1=521777&r2=521778
==============================================================================
--- perl/modperl/branches/1.x/Changes (original)
+++ perl/modperl/branches/1.x/Changes Fri Mar 23 08:48:02 2007
@@ -10,7 +10,10 @@
=item 1.30_01-dev
-fix unescaped variable interpolation in regular expression
+SECURITY: CVE-2007-1349 (cve.mitre.org)
+fix unescaped variable interpolation in Apache::PerlRun
+regular expression to prevent regex engine tampering.
+reported by Alex Solovey
[Randal L. Schwartz <me...@stonehenge.com>, Fred Moyer <fr...@redhotpenguin.com>]
Pull in the new Apache-SizeLimit from