On Tue, Oct 21, 2003, Thomas Lotterer wrote: >On Mon, Oct 20, 2003, Bill Campbell wrote: > >> Is anybody using the CGI::Application module from perl-www-1.3.1-1.3.1? >> >Bill, >today we found and fixed a problem in the CGI.pm module introduced by >a security update. A URL was escaped twice leading to malfunction. >This has been corrected in CGI.pm v3.0, so CURRENT was not affected, >and we backported the change. Corrected perl (has CGI.pm embedded) and >perl-www packages for OpenPKG v1.2 and v1.3 were uploaded today. I bet >CGI::Applications uses CGI.pm ...
After I posted my remarks, I did some further testing on the sample scripts, and found that it appeared to be entirely a CGI.pm problem. The sample script gets the CGI query object first thing, then uses it to generate via the show_table method. >Also remember that in the 1.x RELEASEs perl prefers the embedded >modules (default behaviour of perl) while the CURRENT perl prefers the >additional installed modules (common on most if not all Linux Distos). >So be sure to update the correct package, or, if in doubt, update perl >and perl-www. I noticed that there was a perl update in my daily mirror report. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``I have no reason to suppose that he, who would take away my Liberty, would not when he had me in his Power, take away everything else.'' John Locke ______________________________________________________________________ The OpenPKG Project www.openpkg.org Developer Communication List [EMAIL PROTECTED]
