October 15, 2009, 3:02 pm
528608 - current perl-Net-OAuth does not support OAuth 1.0a
A session fixation vulnerability was discovered in OAuth protocol 1.0. Perl OAuth bindings were updated to support the new version of the OAauth protocol that was issued to address the vulnerability. All OAuth users are strongly advised to update to this updated package and protocol version 1.0a which fixes the vulnerability. Upstream advisory: http://oauth.net/advisories/2009-1...