Bug#810799: closed by Niko Tyni <ntyni at debian.org> (Bug#810799: fixed in libcgi-session-perl 4.48-1+deb8u1)
Chris Boot
crb at tiger-computing.co.uk
Mon Jan 25 09:17:38 UTC 2016
Hi all,
Thanks for pushing out the fix with the point release. Unfortunately, it
seems that the fix doesn't help for TWiki, although it does help the
test case pass.
I'll see if I can come up with a new test case that demonstrates the
issue we're seeing. For now, I have resolved this by un-tainting the
$sid in CGI::Session::Driver::file::_file again.
I haven't explicitly re-opened this bug because I'm not sure whether
that's appropriate in this case.
Thanks,
Chris
--
Chris Boot
Tiger Computing Ltd
IS27001:2013 Certified
Tel: 01600 483 484
Web: https://www.tiger-computing.co.uk
Registered in England. Company number: 3389961
Registered address: Wyastone Business Park,
Wyastone Leys, Monmouth, NP25 3SR
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20160125/55a0bf13/attachment.sig>
More information about the pkg-perl-maintainers
mailing list