Updated: perl-DBI-1.623-1
Reini Urban
rurban@x-ray.at
Wed Jan 9 22:47:00 GMT 2013
On Tue, Jan 8, 2013 at 10:35 PM, Yaakov wrote:
> The following package has been updated in the Cygwin distribution:
>
> *** perl-DBI-1.623-1
>
> The Perl Database Interface (DBI) provides a single API to access a wide
> variety of databases, support for which is provided by a DBD::* driver
> module (such as perl-DBD-mysql for MySQL servers).
>
> This is an update to the latest upstream release.
Note:
I strongly advise against the use of DBI-1.622 and 1.623 on public
facing systems,
because of https://rt.cpan.org/Ticket/Display.html?id=75614
This is the currently biggest known perl security problem,
besides require "strict.pm\0shellcode"; and similar nul-char syscalls.
Not that is likely that cygwin is used on public servers, but who knows...
The patches are at also at https://github.com/rurban/distroprefs
--
Reini Urban
http://cpanel.net/ http://www.perl-compiler.org/
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list