tag 694279 fixed-upstream thanks On Sun, Nov 25, 2012 at 12:49:25AM +0100, Salvatore Bonaccorso wrote: > Package: libdancer-perl > Severity: important > Tags: security
> Similar to #693421, CVE-2012-5526 it was reported[1] that > libdancer-perl's Dancer::Cookie also do not validate cookie name for > CRLF and other invalid symbols in headers. A patch however does not > seem to be present so far. This seems to have been fixed upstream recently. https://github.com/PerlDancer/Dancer/issues/859 The Fedora bug may also be helpful, see https://bugzilla.redhat.com/show_bug.cgi?id=880329 -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
