This is an automated email from the git hooks/post-receive script. gregoa pushed a commit to branch master in repository libmodule-build-perl.
commit 5ea59a4959a60007d4e43822d4f96d0523d9d5fc Author: Niko Tyni <nt...@debian.org> Date: Fri Jul 8 15:55:37 2016 +0200 Make Module::Build set PERL_UNSAFE_INC. Cf. CVE-2016-1238 Notes: Author: Todd Rinaldo <to...@cpan.org> Origin: https://gist.githubusercontent.com/toddr/d77d8d5fa9caa8f96b7758a126caa4dc/raw/3b1a327efdd9a6babf5eed8fb9c241a6d4909be6/fix.patch Bug: https://github.com/Perl-Toolchain-Gang/Module-Build/issues/69 --- lib/Module/Build/Base.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/Module/Build/Base.pm b/lib/Module/Build/Base.pm index e7298d5..69e1ace 100644 --- a/lib/Module/Build/Base.pm +++ b/lib/Module/Build/Base.pm @@ -1860,6 +1860,8 @@ BEGIN { ( $quoted_INC ); + push \@INC, "." unless grep { \$_ eq "." } \@INC; # Force my process to include . in \@INC. + \$ENV{"PERL_USE_UNSAFE_INC"} = 1; # Force all child processes to include . in \@INC. } close(*DATA) unless eof(*DATA); # ensure no open handles to this script -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libmodule-build-perl.git _______________________________________________ Pkg-perl-cvs-commits mailing list Pkg-perl-cvs-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-perl-cvs-commits