[v3.0] perl-plack: Plack::App::File does not prune trailing slashes (CVE-2014-5269)
Plack::App::File is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to obtain sensitive information.
Successful exploits may lead to other attacks.
Versions prior to Plack::App::File 1.0031 are vulnerable.
References:
CONFIRM: http://seclists.org/oss-sec/2014/q3/384
CONFIRM: http://www.securityfocus.com/bid/69185/discuss
CONFIRM: https://security-tracker.debian.org/tracker/CVE-2014-5269
(from redmine: issue id 3330, created on 2014-08-27, closed on 2014-10-01)
- Relations:
- parent #3326 (closed)
- Changesets:
- Revision 047bd50b by Natanael Copa on 2014-09-30T10:37:08Z:
main/perl-plack: security upgrade to 1.0031 (CVE-2014-5269)
fixes #3330