[Rt-commit] rt branch, 4.0/fcgi-env-vulnerability, created. rt-4.0.6-126-gd99ae58
Alex Vandiver
alexmv at bestpractical.com
Thu May 24 21:44:52 EDT 2012
The branch, 4.0/fcgi-env-vulnerability has been created
at d99ae580f1ee7b67aa404adaea8d9af0e5ab14ec (commit)
- Log -----------------------------------------------------------------
commit d99ae580f1ee7b67aa404adaea8d9af0e5ab14ec
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Thu May 24 17:41:15 2012 -0400
Bump the FCGI dependency to one which closes FCGI's CVE-2011-2766
This commit, originally included as 8064158, fixed the dependency in
3.8.11; while it was subsequently merged into 4.0-trunk in 14eb138, this
hunk was mistakenly dropped as part of the merge. Re-include the
change; see 8064158 for complete rationale.
diff --git a/sbin/rt-test-dependencies.in b/sbin/rt-test-dependencies.in
index 9d898e8..250b9af 100755
--- a/sbin/rt-test-dependencies.in
+++ b/sbin/rt-test-dependencies.in
@@ -293,7 +293,7 @@ Test::LongString
.
$deps{'FASTCGI'} = [ text_to_hash( << '.') ];
-FCGI
+FCGI 0.74
FCGI::ProcManager
.
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list