Skip Menu |

This queue is for tickets about the CHI-Driver-Redis CPAN distribution.

Report information
The Basics
Id: 127176
Status: open
Priority: 0/
Queue: CHI-Driver-Redis

People
Owner: ether [...] cpan.org
Requestors: mans0954 [...] debian.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: [PATCH] Use FindBin to find inc::Module::Install
Date: Sat, 22 Sep 2018 19:59:34 +0100
To: bug-chi-driver-redis [...] rt.cpan.org
From: Christopher Hoskin <mans0954 [...] debian.org>
In Debian we are currently applying the following patch to CHI-Driver-Redis. We thought you might be interested in it too. Description: Use FindBin to find inc::Module::Install . is no longer included in @INC as of Perl 5.26 due to CVE-2016-1238 Author: Christopher Hoskin <mans0954@debian.org> Last-Update: 2018-09-22 The patch is tracked in our Git repository at https://salsa.debian.org/perl-team/modules/packages/libchi-driver-redis-perl/raw/master/debian/patches/findbin.patch Thanks for considering, Christopher Hoskin, Debian Perl Group

Message body is not shown because sender requested not to inline it.

On 2018-09-22 11:59:50, mans0954@debian.org wrote: Show quoted text
> > In Debian we are currently applying the following patch to > CHI-Driver-Redis. > We thought you might be interested in it too. > > Description: Use FindBin to find inc::Module::Install > . is no longer included in @INC as of Perl 5.26 due to CVE-2016-1238
I don't think this is a good patch. FindBin does a *lot* of things behind the scenes, most of which is unnecessary. The correct minimal change to make here is to add a single line to Makefile.PL: use lib '.'; More properly, this distribution should be transitioned off of Module::Install entirely, but that's a bigger change to make.