Bug #44579 for CGI: Needs Test, Patch: Tainted data from QUERY_PARAM

> Here the apache warn about this: > > [Wed Mar 25 08:20:23 2009] [error] [client 189.59.212.79] Insecure > dependency in require while running with -T switch at > /usr/share/perl/5.10/CGI.pm line 514., referer: <--cut--> > [Wed Mar 25 08:20:23 2009] [error] [client 189.59.212.79] BEGIN > failed--compilation aborted., referer: <--cut--> > [Wed Mar 25 08:20:23 2009] [error] [client 189.59.212.79] Premature end > of script headers: save, referer: <--cut--> > > CGI.pm (3.29): > > 511: my $val = $QUERY_PARAM{$name}; # always an arrayref; > 512: $self->param('-name'=>$name,'-value'=> $val); > 513: if (defined $val and ref $val eq 'ARRAY') { > 514: for my $fh (grep {defined(fileno($_))} @$val) { > 515: seek($fh,0,0); # reset the filehandle. > 516: } > 517: > 518: } > > # uname -a > Linux 2.6.18-6-xen-amd64 #1 SMP Thu Dec 25 22:21:42 UTC 2008 x86_64 > GNU/Linux > > # cat /etc/debian_version > 5.0 > > # perl -MCGI -e 'print CGI->version' > 3.29 > > # perl --version > This is perl, v5.10.0 built for x86_64-linux-gnu-thread-multi > > # apache2 -v > Server version: Apache/2.2.9 (Debian) > Server built: Jan 21 2009 00:10:51