Date: Fri, 22 Aug 2003 10:11:07 +0800 (CST) From: Yen-Ming Lee <leeym@utopia.leeym.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: tobez@FreeBSD.org Subject: ports/55857: update port: www/p5-CGI.pm Message-ID: <20030822021107.7D21F3EA81A@utopia.leeym.com> Resent-Message-ID: <200308220220.h7M2K1To044400@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 55857 >Category: ports >Synopsis: update port: www/p5-CGI.pm >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Aug 21 19:20:00 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Yen-Ming Lee >Release: FreeBSD 5.1-RELEASE-p2 i386 >Organization: >Environment: System: FreeBSD utopia.leeym.com 5.1-RELEASE-p2 FreeBSD 5.1-RELEASE-p2 #81: Tue Aug 19 06:09:56 CST 2003 root@utopia.leeym.com:/mnt/obj/usr/src/sys/UTOPIA i386 >Description: CGI.pm-2.99 escape the already-escaped string when dealing with the $action. It breaks all the ports depending on CGI.pm >How-To-Repeat: >Fix: --- p5-CGI.pm.diff begins here --- diff -ruN --exclude CVS /usr/ports/www/p5-CGI.pm/Makefile p5-CGI.pm/Makefile --- /usr/ports/www/p5-CGI.pm/Makefile Thu Aug 21 02:41:29 2003 +++ p5-CGI.pm/Makefile Fri Aug 22 09:51:39 2003 @@ -7,6 +7,7 @@ PORTNAME= CGI.pm PORTVERSION= 2.99 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= www perl5 MASTER_SITES= ${MASTER_SITE_PERL_CPAN} diff -ruN --exclude CVS /usr/ports/www/p5-CGI.pm/files/patch-blib::lib::CGI.pm p5-CGI.pm/files/patch-blib::lib::CGI.pm --- /usr/ports/www/p5-CGI.pm/files/patch-blib::lib::CGI.pm Thu Jan 1 08:00:00 1970 +++ p5-CGI.pm/files/patch-blib::lib::CGI.pm Fri Aug 22 09:55:13 2003 @@ -0,0 +1,11 @@ +--- CGI.pm.orig Fri Aug 22 09:50:10 2003 ++++ CGI.pm Fri Aug 22 09:50:39 2003 +@@ -1644,7 +1644,7 @@ + $action .= "?".$self->escapeHTML($ENV{QUERY_STRING},1); + } + } +- $action = escape($action); ++ $action = escapeHTML($action); + $action = qq(action="$action"); + my($other) = @other ? " @other" : ''; + $self->{'.parametersToAdd'}={}; --- p5-CGI.pm.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030822021107.7D21F3EA81A>