I'm sorry, but I cannot reproduce this, and when testing your suggested
change, I get other errors in my log.

Is there any more information you can give me?

(what topics, what kind of changes, which particular diffs link)

Sven

On Mon, 2005-05-02 at 07:01 -0400, [EMAIL PROTECTED] wrote:
> Package: twiki
> 
> Version: 20040902-3
> 
> Problem occurred after upgrading:
> 
> twiki 20040902-1.1 -> 20040902-3
> apache2-common 2.0.53-5 -> 2.0.54-2
> (other packages were also upgraded at the same time, complete list below)
> 
> Perl v5.8.4
> Linux twiki 2.4.25 #1 SMP Fri Mar 5 10:32:46 EST 2004 i686 GNU/Linux
> libc6 version 2.3.2.ds1-21
> 
> Problem description
> -------------------
> 
> Immediately after upgrading Apache and TWiki as described above we 
> started getting this error:
> 
> Insecure dependency in exec while running with -T switch at 
> /usr/share/perl5/TWiki.pm line 3454.
> 
> Whenever we clicked the "Diffs" link on a TWiki topic.
> 
> The problem seems to start on line 378 of /usr/share/perl5/TWiki/UI/RDiff.pm
> 
>       my $rev1 = $query->param( "rev1" );
> 
> At this point rev1 (and rev2) are tainted.
> 
> On line 410 (411 for rev2) they are run through a regexp:
> 
>       $rev1 =~ s/r?1\.//go;  # cut 'r' and major
> 
> but it does not seem sufficient to untaint them.
> 
> Changing the line to something like:
> 
>      ($rev1) = $rev1 =~ /r?1\.(\d*)/;  # cut 'r' and major
> 
> does work.
> 
> 
> 
> 
> Complete aptitude log from upgrade:
> 
> [EMAIL PROTECTED]:~# more /var/log/aptitude
> Aptitude 0.2.15.8: log report
> Sun May  1 13:44:01 2005
> 
> 
> IMPORTANT: this log only lists intended actions; actions which fail due to
> dpkg problems may not be completed.
> 
> Will install 72 packages, and remove 0 packages.
> 633kB bytes of disk space will be freed
> ===============================================================================
> [HOLD] ldap-utils
> [HOLD] mutt
> [UPGRADE] apache2-common 2.0.53-5 -> 2.0.54-2
> [UPGRADE] apache2-mpm-prefork 2.0.53-5 -> 2.0.54-2
> [UPGRADE] apache2-utils 2.0.53-5 -> 2.0.54-2
> [UPGRADE] aptitude 0.2.15.8-1 -> 0.2.15.9-2
> [UPGRADE] base-config 2.53.7 -> 2.53.8
> [UPGRADE] cpp-3.3 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] dash 0.5.2-2 -> 0.5.2-4
> [UPGRADE] debconf 1.4.30.11 -> 1.4.30.13
> [UPGRADE] debconf-i18n 1.4.30.11 -> 1.4.30.13
> [UPGRADE] debconf-utils 1.4.30.11 -> 1.4.30.13
> [UPGRADE] fakeroot 1.2.2 -> 1.2.10
> [UPGRADE] findutils 4.1.20-5 -> 4.1.20-6
> [UPGRADE] g++-3.3 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] gcc-3.3 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] gcc-3.3-base 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] glibc-doc 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] grep-dctrl 2.1.9 -> 2.1.10
> [UPGRADE] grub 0.95+cvs20040624-16 -> 0.95+cvs20040624-17
> [UPGRADE] hotplug 0.0.20040329-21 -> 0.0.20040329-22
> [UPGRADE] initrd-tools 0.1.77 -> 0.1.78
> [UPGRADE] irqbalance 0.12-1 -> 0.12-2
> [UPGRADE] kernel-package 8.125 -> 8.132
> [UPGRADE] libapache2-mod-auth-pam 1.1.1-4.1 -> 1.1.1-6
> [UPGRADE] libapache2-mod-perl2 1.999.20-1 -> 1.999.21-1
> [UPGRADE] libapr0 2.0.53-5 -> 2.0.54-2
> [UPGRADE] libc6 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] libc6-dev 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] libc6-i686 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] libcupsys2-gnutls10 1.1.23-7 -> 1.1.23-10
> [UPGRADE] libdbd-mysql-perl 2.9003-4 -> 2.9006-1
> [UPGRADE] libfreetype6 2.1.7-2.3 -> 2.1.7-2.4
> [UPGRADE] libfreetype6-dev 2.1.7-2.3 -> 2.1.7-2.4
> [UPGRADE] libglib2.0-0 2.6.3-1 -> 2.6.4-1
> [UPGRADE] libglib2.0-dev 2.6.3-1 -> 2.6.4-1
> [UPGRADE] libltdl3 1.5.6-4 -> 1.5.6-6
> [UPGRADE] libmysqlclient12 4.0.24-2 -> 4.0.24-5
> [UPGRADE] libnet-ldap-perl 0.3202-2 -> 0.3202-3
> [UPGRADE] libnss-ldap 220-1 -> 238-1
> [UPGRADE] libpam-krb5 1.0-10 -> 1.0-12
> [UPGRADE] libqt3-compat-headers 3:3.3.3-8 -> 3:3.3.4-3
> [UPGRADE] libqt3-headers 3:3.3.3-8 -> 3:3.3.4-3
> [UPGRADE] libqt3c102-mt 3:3.3.3-8 -> 3:3.3.4-3
> [UPGRADE] libsensors3 1:2.9.0-19 -> 1:2.9.1-1
> [UPGRADE] libstdc++5 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] libstdc++5-3.3-dev 1:3.3.5-8 -> 1:3.3.5-12
> [UPGRADE] liburi-perl 1.30-1 -> 1.35-1
> [UPGRADE] libusb-0.1-4 2:0.1.10a-6 -> 2:0.1.10a-8
> [UPGRADE] libxft2 2.1.2-6 -> 2.1.7-1
> [UPGRADE] locales 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] mysql-client 4.0.24-2 -> 4.0.24-5
> [UPGRADE] mysql-common 4.0.24-2 -> 4.0.24-5
> [UPGRADE] mysql-server 4.0.24-2 -> 4.0.24-5
> [UPGRADE] nano 1.2.4-3 -> 1.2.4-5
> [UPGRADE] nscd 2.3.2.ds1-20 -> 2.3.2.ds1-21
> [UPGRADE] pdksh 5.2.14-17 -> 5.2.14-18
> [UPGRADE] pkg-config 0.15.0-4 -> 0.16.0-1
> [UPGRADE] po-debconf 0.8.22 -> 0.8.23
> [UPGRADE] qt3-dev-tools 3:3.3.3-8 -> 3:3.3.4-3
> [UPGRADE] rsync 2.6.3-2 -> 2.6.4-2
> [UPGRADE] samba 3.0.10-1 -> 3.0.14a-1
> [UPGRADE] samba-common 3.0.10-1 -> 3.0.14a-1
> [UPGRADE] sharutils 1:4.2.1-11 -> 1:4.2.1-13
> [UPGRADE] shorewall 2.2.2-1 -> 2.2.3-1
> [UPGRADE] sudo 1.6.8p7-1 -> 1.6.8p7-1.1
> [UPGRADE] twiki 20040902-1.1 -> 20040902-3
> [UPGRADE] udev 0.056-1 -> 0.056-2
> [UPGRADE] ulogd 1.02-1 -> 1.02-2
> [UPGRADE] usbutils 0.70-2 -> 0.70-5
> [UPGRADE] vim 1:6.3-067+2 -> 1:6.3-068+4
> [UPGRADE] vim-common 1:6.3-067+2 -> 1:6.3-068+4
> [UPGRADE] winbind 3.0.10-1 -> 3.0.14a-1
> [UPGRADE] zsh 4.2.4-8 -> 4.2.5-7
> ===============================================================================
> 
> Log complete.
> Aptitude 0.2.15.9: log report
> Sun May  1 13:47:03 2005
> 
> 
> IMPORTANT: this log only lists intended actions; actions which fail due to
> dpkg problems may not be completed.
> 
> Will install 0 packages, and remove 0 packages.
> ===============================================================================
> [HOLD] ldap-utils
> [HOLD] mutt
> ===============================================================================
> 
> Log complete.
> Aptitude 0.2.15.9: log report
> Sun May  1 13:47:13 2005
> 
> 
> IMPORTANT: this log only lists intended actions; actions which fail due to
> dpkg problems may not be completed.
> 
> Will install 4 packages, and remove 3 packages.
> 799kB of disk space will be used
> ===============================================================================
> [REMOVE, NOT USED] libiodbc2
> [REMOVE, NOT USED] libltdl3
> [REMOVE, NOT USED] libslp1
> [INSTALL, DEPENDENCIES] libdb4.3
> [INSTALL, DEPENDENCIES] libldap-2.2-7
> [UPGRADE] ldap-utils 2.1.30-3 -> 2.2.23-1
> [UPGRADE] mutt 1.5.6-20040907+3 -> 1.5.9-1
> ===============================================================================
> 
> Log complete.
> 
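
The behaviour described in the quoted report, as an added example that is not part of the original thread or of TWiki's code: under `perl -T`, an in-place `s///` leaves the value tainted, while a value taken from a capture group is untainted. The `cgi_param` stand-in for `$query->param` and the stricter `untaint_rev` helper are assumptions made for illustration.

```perl
# Added example, not TWiki code. Run with: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};

# Constructed stand-in for $query->param("rev1"): appending a zero-length
# tainted string to a literal taints the whole value.
my $taint = substr(join('', $0, $^X, values %ENV), 0, 0);
sub cgi_param { return $_[0] . $taint }

# 1. Substitution as quoted from RDiff.pm line 410: the scalar is edited
#    in place and keeps its taint flag.
my $rev1 = cgi_param('r1.42');
$rev1 =~ s/r?1\.//go;
printf "s///    -> %-4s tainted=%d\n", $rev1, tainted($rev1) ? 1 : 0;

# 2. Capture as proposed in the report: only data extracted through a
#    capture group of a successful match comes back untainted.
my $rev2 = cgi_param('r1.42');
($rev2) = $rev2 =~ /r?1\.(\d*)/;
printf "capture -> %-4s tainted=%d\n", $rev2, tainted($rev2) ? 1 : 0;

# 3. Stricter variant (assumption, not from the report): anchored with
#    \A and \z and requiring at least one digit, so a value that is not
#    exactly a revision number is rejected instead of partially matched.
sub untaint_rev {
    my ($raw) = @_;
    return unless defined $raw;
    my ($n) = $raw =~ /\A r? 1 \. (\d+) \z/x;
    return $n;    # undef when the input does not match
}

# Constructed sample inputs.
for my $input ('r1.42', '1.7', 'r1.', 'r1.3abc', "1.5\n") {
    my $clean = untaint_rev(cgi_param($input));
    (my $shown = $input) =~ s/\n/\\n/g;
    printf "%-8s -> %s\n", $shown,
        defined $clean
            ? "rev $clean, tainted=" . (tainted($clean) ? 1 : 0)
            : "rejected";
}
```

The pattern from the report is unanchored and accepts zero digits, so it untaints whatever digits follow the first `1.` anywhere in the input; the anchored form returns `undef` for such values and the caller can refuse the request.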


