Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-28 Thread Niko Tyni
On Thu, Feb 28, 2019 at 11:50:04AM +0100, Xavier wrote: > Patch is ready in salsa repo: > > if (ref $file or $file eq '-') { > open(FILE, $file) or croak "Couldn't open $file:\n$!"; > } else { > open(FILE, '<', $file) or croak "Couldn't open $file:\n$!"; > } > > Success

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-28 Thread Xavier
Le 27/02/2019 à 20:06, Niko Tyni a écrit : > On Wed, Feb 27, 2019 at 05:16:03PM +0100, gregor herrmann wrote: > >> 2) This fix would also suite the documentation of tv_imdb which says: >> >> tv_imdb --imdbdir [--help] [--quiet] >>[--with-keywords] [--with-plot] >>[--movies-only] [

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-27 Thread Niko Tyni
On Wed, Feb 27, 2019 at 05:16:03PM +0100, gregor herrmann wrote: > 2) This fix would also suite the documentation of tv_imdb which says: > > tv_imdb --imdbdir [--help] [--quiet] >[--with-keywords] [--with-plot] >[--movies-only] [--actors NUMBER] >[--stats] [--debug] >

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-27 Thread Xavier
Le 27/02/2019 à 15:35, Gianfranco Costamagna a écrit : > reopen 923223 > affects 923223 src:xmltv > severity 923223 serious > thanks > > Hello, the latest update of libxml-parser-perl seems to have broken xmltv > testsuite, and now it is failing to build from source. > > I suspect the testsuite

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-27 Thread gregor herrmann
On Wed, 27 Feb 2019 15:35:23 +0100, Gianfranco Costamagna wrote: > Hello, the latest update of libxml-parser-perl seems to have broken > xmltv testsuite, and now it is failing to build from source. Ack. > I suspect the testsuite of xmltv might just need updates, but I > don't know if the packag

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-27 Thread Gianfranco Costamagna
reopen 923223 affects 923223 src:xmltv severity 923223 serious thanks Hello, the latest update of libxml-parser-perl seems to have broken xmltv testsuite, and now it is failing to build from source. I suspect the testsuite of xmltv might just need updates, but I don't know if the package is rea

Bug#923223: XML::Parser::parsefile() uses 2-argument open

2019-02-25 Thread Jakub Wilk
Package: libxml-parser-perl Version: 2.44-2+b4 Tags: security Control: affects -1 check-all-the-things duck The XML::Parser::parsefile function uses 2-argument open(). As a consequence, users of this function can't use it to securely check files with untrusted names. (Unless the users sanitize t