I thought I had sent this out a couple of days ago but apparently not but
in case you are seeing this twice, sorry. Oh and please Cc me on replies.
Bug #470890 reported that the CGI::Application::Plugin::ActionDispatch
perl module in libcgi-application-plugins-perl 0.10 from lenny included
Data::Dumper output which could potentially leak database DSNs or other
private information. Thus the bug submitter and I decided it would be
appropriate to change the severity to grave. The problem does not exist
in sid or squeeze which have newer versions or in Etch which did not
contain this module.
I have prepared a fixed package which changes nothing except it removes that
Data::Dumper call. I jumped the gun a little bit and uploaded
libcgi-application-plugins-perl_0.10+lenny1_i386.changes though I don't
seem to see it in incoming anymore. One thing about this package is it
contains tarballs within the source tarball so you can't just diff it
against the package in lenny. Sorry about that. But if you unpack it
you will see it it is the only thing I changed.
--
Jaldhar H. Vyas <jald...@debian.org>
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
