[Bug 2105085] perl-HTTP-Daemon: HTTP::Daemon allows request smuggling

bugzilla Wed, 13 Jul 2022 02:09:34 -0700

https://bugzilla.redhat.com/show_bug.cgi?id=2105085


Petr Pisar <ppi...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Link ID|                            |Github
                   |                            |libwww-perl/HTTP-Daemon/iss
                   |                            |ues/56



--- Comment #7 from Petr Pisar <ppi...@redhat.com> ---
Upstream commits supposedly fixing this vulnerability:

e84475de51d6fd7b29354a997413472a99db70b2 Fix Content-Length ', '-separated
string issues
8dc5269d59e2d5d9eb1647d82c449ccd880f7fd0 Include reason in response body
content
faebad54455c2c2919e234202362570925fb99d1 Add new test for Content-Length issues
ef8c1265c9558e92bac3178a0ed42eb937d943c6 Remove 'trailing spaces' to satisfy
some authors
c10445d014584546f99f85d240000b4a140ec37a (HEAD -> master, origin/master,
origin/HEAD) Add CVE-2022-31081 fix to the Revision History


-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2105085
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 2105085] perl-HTTP-Daemon: HTTP::Daemon allows request smuggling

Reply via email to