Package: libmojolicious-perl / 0.999926-1+squeeze2

Metadata

Package Version Patches format
libmojolicious-perl 0.999926-1+squeeze2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
622952 path traversal vulnerability.patch | (download)

lib/Mojo/Path.pm | 5 4 + 1 - 0 !
t/mojo/path.t | 17 16 + 1 - 0 !
t/mojo/url.t | 4 2 + 2 - 0 !
3 files changed, 22 insertions(+), 4 deletions(-)

 
 fix path traversal security vulnerability
improve RFC3986 compliance of Mojo Path.patch | (download)

lib/Mojo/Path.pm | 7 5 + 2 - 0 !
t/mojo/url.t | 16 15 + 1 - 0 !
t/mojox/routes/routes.t | 6 3 + 3 - 0 !
3 files changed, 23 insertions(+), 6 deletions(-)

 
 improve rfc3986 compliance of mojo::path.
626135 fix xss issue in link_to helper.patch | (download)

lib/Mojolicious/Plugin/TagHelpers.pm | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 
 fix xss issue in link_to helper
fix CVE 2010 4803.patch | (download)

lib/Mojo/ByteStream.pm | 94 76 + 18 - 0 !
t/mojo/bytestream.t | 86 77 + 9 - 0 !
2 files changed, 153 insertions(+), 27 deletions(-)

 
 fix not properly implemented hmac-md5 checksums. cve-2010-4803.
fix CVE 2010 4802.patch | (download)

lib/Mojo/Commands.pm | 5 4 + 1 - 0 !
1 file changed, 4 insertions(+), 1 deletion(-)

 
 try to fix broken cgi environment detection.
 CVE-CVE-2010-4802