Bug#574067: CVE-2010-0044 cookie weakness

gregor herrmann gregoa at debian.org
Tue Mar 16 16:18:33 UTC 2010


On Mon, 15 Mar 2010 22:39:21 -0400, Michael Gilbert wrote:

> the following CVE (Common Vulnerabilities & Exposures) id was
> published for safari.  I'm not sure if their version of pubsub relates
> to this package, but it should be checked.  If it does not, please
> close the bug.  Thanks.

I don't see anything related to web cookies in
POE::Component::PubSub.

From the POD:

NAME
       POE::Component::PubSub - A publish/subscribe component for the POE framework

DESCRIPTION
       POE::Component::PubSub provides a publish/subscribe mechanism for the POE framework allowing
       sessions to publish events and to also subscribe to those events. Firing a published event posts an
       event to each subscriber of that event. Publication and subscription can also be managed from an
       external session, but defaults to using the SENDER where possible.

If I understand this correctly the module is about communicating
between various POE components.

"grep -ir cookie ." shows nothing, the only dependencies are on
Moose(X) anad POE(x) stuff.

Cheers,
gregor

-- 
 .''`.   http://info.comodo.priv.at/ -- GPG Key IDs: 0x8649AA06, 0x00F3CFE4
 : :' :  Debian GNU/Linux user, admin, & developer - http://www.debian.org/
 `. `'   Member of VIBE!AT & SPI, fellow of Free Software Foundation Europe
   `-    NP: Cat Stevens: Tuesdays Dead
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20100316/6331aa26/attachment.pgp>


More information about the pkg-perl-maintainers mailing list