[ANN] SOAP::Lite v0.55 released (Re: [soaplite] security hole in soaplite)
- Hi, All!
New version of SOAP::Lite has been released today.
Although not all changes made into this release (even though some of
them were in CVS already), here is the list of most important ones:
fixed security vulnerability with fully qualified method names
(thanks to Randal Schwartz, Ilya Martynov and many others)
fixed problem with TCP transport and SSL (thanks to Chris Hurd)
fixed TCP transport to specify correct length with utf8 strings
(thanks to Robin Fuller)
fixed incorrect encoding when parameters list includes undefined
values (thanks to Chris Radcliff)
added check for TCP transport on Mac (thanks to Robin Fuller)
added check for shutdown() method on AIX (thanks to Jos Clijmans)
added check for blocking() method in TCP transport (thanks to Jos
optimized parsing strings with entity encoding (thanks to Mathieu
added check for entity size for CGI transport
($SOAP::Constant::MAX_CONTENT_SIZE) (thanks to J. Klunder)
This version fixes this security vulnerability, so you may consider
upgrade or check 'KNOWN BUGS AND LIMITATIONS' section
(http://soaplite.com/#LIMITATIONS) for more information.
This version has been uploaded to CPAN and should be available there
soon. Thank you for all your help and feedback.
Best wishes, Paul.
--- Shin Neng Wong <shinnengw@...> wrote:
> Hi everyone,__________________________________________________
> I just came across an article from this link:
> I am using SOAPLite as the server and want to overcome
> this hole. Can anyone give me feedback and insight on
> any bug fixes? If I can contribute, please let me
> know although my programming skills is terrible. :)
> SN Wong
> Do You Yahoo!?
> Yahoo! Tax Center - online filing with TurboTax
> ------------------------ Yahoo! Groups Sponsor
> To unsubscribe from this group, send an email to:
> Your use of Yahoo! Groups is subject to
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax