2011-11-12 09:43:21 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Nov 12 09:46:11 UTC 2011 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
|
|
- update to 3.58: documentation improvements:
|
|
|
|
|
* clarify that using query_string() only has defined behavior when using the
|
|
|
|
|
GET method (RT#60813)
|
|
|
|
|
|
2011-11-10 11:51:31 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Nov 10 11:51:13 UTC 2011 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
|
|
- update to 3.57:
|
|
|
|
|
* Test::More requirement has been bumped to 0.98
|
|
|
|
|
|
|
|
|
|
- changes from 3.56:
|
|
|
|
|
* SECURITY: use public and documented FCGI.pm API in CGI::Fast: CGI::Fast was
|
|
|
|
|
using an FCGI API that was deprecated and removed from documentation more
|
|
|
|
|
than ten years ago; usage of this deprecated API with FCGI >= 0.70 or FCGI
|
|
|
|
|
<= 0.73 introduces a security issue CVE-2011-2766
|
|
|
|
|
|
2011-08-24 21:00:59 +00:00
|
|
|
-------------------------------------------------------------------
|
2011-08-24 21:34:45 +00:00
|
|
|
Wed Aug 24 21:33:47 UTC 2011 - chris@computersalat.de
|
2011-08-24 21:00:59 +00:00
|
|
|
|
|
|
|
|
- fix deps
|
|
|
|
|
* Test::More >= 0.88 (done_testing)
|
|
|
|
|
- fix build for
|
2011-08-24 21:34:45 +00:00
|
|
|
* openSUSE > 1140 (shebang), SLE_10, SLE_11, RHEL, CentOS
|
2011-08-24 21:00:59 +00:00
|
|
|
- remove Author from desc
|
|
|
|
|
|
2011-08-23 19:45:58 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 23 15:03:43 UTC 2011 - lars@linux-schulserver.de
|
|
|
|
|
|
|
|
|
|
- update to 3.55:
|
|
|
|
|
+ [THINGS THAT MAY BREAK YOUR CODE]
|
|
|
|
|
url() was fixed to return "PATH_INFO" when it is explicitly requested
|
|
|
|
|
with either the path=>1 or path_info=>1 flag.
|
|
|
|
|
If your code is running under mod_rewrite (or compatible) and you are
|
|
|
|
|
calling self_url() or you are calling url() and passing path_info=>1,
|
|
|
|
|
These methods will actually be returning PATH_INFO now, as you have
|
|
|
|
|
explicitly requested, or has self_url() has requested on your behalf.
|
|
|
|
|
|
|
|
|
|
The PATH_INFO has been omitted in such URLs since the issue was
|
|
|
|
|
introduced in the 3.12 release in December, 2005.
|
|
|
|
|
|
|
|
|
|
This bug is so old your application may have come to depend on it or
|
|
|
|
|
workaround it. Check for application before upgrading to this release.
|
|
|
|
|
+ The DELETE HTTP verb is now supported (RT#52614)
|
|
|
|
|
+ [NEW FEATURES]
|
|
|
|
|
- A new option to set $CGI::Carp::TO_BROWSER = 0, allows you to
|
|
|
|
|
explicitly exclude a particular scope from triggering printing to
|
|
|
|
|
the browser when fatatlsToBrowser is set. (RT#62783)
|
|
|
|
|
- The <script> tag now supports the "charset" attribute.
|
|
|
|
|
(RT#62907)
|
|
|
|
|
- In CGI::Cookie, "Max-Age" is now supported for better
|
|
|
|
|
spec compliance.
|
|
|
|
|
+ Further improvements have been made to guard against newline
|
|
|
|
|
injections in headers
|
|
|
|
|
|
2010-12-24 21:19:49 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Dec 24 21:15:30 UTC 2010 - lars@linux-schulserver.de
|
|
|
|
|
|
|
|
|
|
- update to 3.50:
|
|
|
|
|
* Fixed two security issues:
|
|
|
|
|
** The MIME boundary in multipart_init is now random.
|
|
|
|
|
** Further improvements to handling of newlines embedded in header
|
|
|
|
|
values. An exception is thrown if header values contain
|
|
|
|
|
invalid newlines.
|
|
|
|
|
* Correcting/clarifying documentation for param_fetch().
|
|
|
|
|
* Fixing https test in http.t.
|
|
|
|
|
* Tests were added for multipart_init().
|
|
|
|
|
|
2010-12-01 13:38:48 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 1 13:30:54 UTC 2010 - coolo@novell.com
|
|
|
|
|
|
|
|
|
|
- switch to perl_requires macro
|
|
|
|
|
|
2010-09-14 22:44:12 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 14 22:41:24 UTC 2010 - chris@computersalat.de
|
|
|
|
|
|
|
|
|
|
- update to 3.49
|
|
|
|
|
* [BUG FIXES]
|
|
|
|
|
1. Fix a regression since 3.44 involving a case when the header
|
|
|
|
|
includes "Content-Length: 0".
|
|
|
|
|
Thanks to Alex Vandiver (RT#51109)
|
|
|
|
|
2. Suppress uninitialized warnings under -w. Thanks to burak.
|
|
|
|
|
(RT#50301)
|
|
|
|
|
3. url() now uses virtual_port() instead of server_port().
|
|
|
|
|
Thanks to MKANAT and Yanick Champoux. (RT#51562)
|
|
|
|
|
* [SECURITY]
|
|
|
|
|
1. embedded newlines are now filtered out of header values in header().
|
|
|
|
|
Thanks to Mark Stosberg and Yanick Champoux.
|
|
|
|
|
* [DOCUMENTATION]
|
|
|
|
|
1. README was updated to reflect that CGI.pm was moved under ./lib.
|
|
|
|
|
Thanks to Alex Vandiver.
|
|
|
|
|
* [INTERNALS]
|
|
|
|
|
1. More tests were added for autoescape, thanks to Bob Kuo. (RT#25485)
|
|
|
|
|
2. Attempt to avoid test failures with t/fast, thanks to Steve Hay. (RT#49599)
|
|
|
|
|
- recreated by cpanspec 1.78
|
|
|
|
|
- noarch pkg
|
|
|
|
|
|
2009-12-09 16:23:48 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 9 13:15:06 UTC 2009 - bitshuffler #suse@irc.freenode.org
|
|
|
|
|
|
|
|
|
|
- Updated to 3.48
|
|
|
|
|
|
2008-11-30 02:47:58 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Nov 30 03:46:42 CET 2008 - lars@linux-schulserver.de
|
|
|
|
|
|
|
|
|
|
- initial changelog seems to be lost
|
|
|
|
|
- update from 3.38 to 3.42
|
|
|
|
|
|
