Loading ...
Sorry, an error occurred while loading the content.

[ANN] SOAP::Lite v0.55 released (Re: [soaplite] security hole in soaplite)

Expand Messages
  • Paul Kulchenko
    Hi, All! New version of SOAP::Lite has been released today. Although not all changes made into this release (even though some of them were in CVS already),
    Message 1 of 3 , Apr 15, 2002
    • 0 Attachment
      Hi, All!

      New version of SOAP::Lite has been released today.

      Although not all changes made into this release (even though some of
      them were in CVS already), here is the list of most important ones:

      fixed security vulnerability with fully qualified method names
      (thanks to Randal Schwartz, Ilya Martynov and many others)
      fixed problem with TCP transport and SSL (thanks to Chris Hurd)
      fixed TCP transport to specify correct length with utf8 strings
      (thanks to Robin Fuller)
      fixed incorrect encoding when parameters list includes undefined
      values (thanks to Chris Radcliff)
      added check for TCP transport on Mac (thanks to Robin Fuller)
      added check for shutdown() method on AIX (thanks to Jos Clijmans)
      added check for blocking() method in TCP transport (thanks to Jos
      Clijmans)
      optimized parsing strings with entity encoding (thanks to Mathieu
      Longtin)
      added check for entity size for CGI transport
      ($SOAP::Constant::MAX_CONTENT_SIZE) (thanks to J. Klunder)

      This version fixes this security vulnerability, so you may consider
      upgrade or check 'KNOWN BUGS AND LIMITATIONS' section
      (http://soaplite.com/#LIMITATIONS) for more information.

      This version has been uploaded to CPAN and should be available there
      soon. Thank you for all your help and feedback.

      Best wishes, Paul.

      --- Shin Neng Wong <shinnengw@...> wrote:
      > Hi everyone,
      >
      > I just came across an article from this link:
      >
      > http://use.perl.org/articles/02/04/09/000212.shtml?tid=1
      >
      >
      > I am using SOAPLite as the server and want to overcome
      > this hole. Can anyone give me feedback and insight on
      > any bug fixes? If I can contribute, please let me
      > know although my programming skills is terrible. :)
      >
      > Regards,
      >
      > SN Wong
      >
      > __________________________________________________
      > Do You Yahoo!?
      > Yahoo! Tax Center - online filing with TurboTax
      > http://taxes.yahoo.com/
      >
      > ------------------------ Yahoo! Groups Sponsor
      >
      > To unsubscribe from this group, send an email to:
      > soaplite-unsubscribe@yahoogroups.com
      >
      >
      >
      > Your use of Yahoo! Groups is subject to
      > http://docs.yahoo.com/info/terms/
      >
      >


      __________________________________________________
      Do You Yahoo!?
      Yahoo! Tax Center - online filing with TurboTax
      http://taxes.yahoo.com/
    Your message has been successfully submitted and would be delivered to recipients shortly.