Red Hat Bugzilla – Bug 1067180
CVE-2013-7329 perl-CGI-Application: information disclosure flaw
Last modified: 2015-02-04 07:46:46 EST
It was reported , that the CGI::Application perl module suffered from a flaw where, in certain cases, it would unexpectedly dump a complete set of web query data and server environment information as an error page. This could allow unintended disclosure of sensitive information.
A suggested fix is available  and the commit that caused the problem  was most likely introduced in version 4.19.
Created perl-CGI-Application tracking bugs for this issue:
Affects: fedora-all [bug 1067185]
Affects: epel-6 [bug 1067186]
CVE-2013-7329 was assigned to this issue:
perl-CGI-Application-4.50-9.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
perl-CGI-Application-4.50-7.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
perl-CGI-Application-4.50-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
Fixes are present in all supported versions of Fedora and EPEL. Closing.