Date: Wed, 22 Jan 2003 09:29:08 -0800 From: "Ronald F. Guilmette" <rfg@monkeys.com> To: ports@FreeBSD.org Subject: Serious Security BUG in CGI::Lite Message-ID: <97115.1043256548@monkeys.com>
next in thread | raw e-mail | index | archive | help
I believe that I have found a serious security bug in the CGI::Lite package that's distributed as par of the FreeBSD ports collection. Before I go public with it, I'd like to work with some Appropriate Party[tm] associated with the FreeBSD project to make sure that a fixed version of this port is already available at the time I go public. Could someone pleas tell me who I should cntact about this? (Sorry, but I'm kinda new at this. I don't run across serious security bugs every day, so I don't know the ropes or the standard protocol, or the standard procedures). Somebody please send me guidance regarding this issue ASAP. Thanks. Regards, Ronald F. Guilmette Roseville, California <rfg@monkeys.com> P.S. Is there a list anywhere of vendors who routinely distribute CPAN (non-core) Perl modules? More to the point, is there a list of the _security contacts_ at each such vendor available somewhere? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?97115.1043256548>