Bug#695224: Locale::Maketext versioning in perl package

[Dominic Hargreaves]

Dear release team,

There is a problem with the perl package, as discussed in 
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224#55>
onwards, whereby the application of the security fix in that ticket
now causes double-escaping problems where people workaround the problem
by escaping themselves, when they detect an earlier Locale::Maketext
by version number.

I am slightly wary about importing the new (1.23) version of
Locale::Maketext as I mentioned in that bug already, but my fears may
be unfounded. Could you comment about whether you would accept such
a change in wheezy at this time? (I can't really decide whether it's
RC or not).

I've attached a diff which implements the change in question. I haven't
carried out extensive testing yet, but the package builds fine. The same
change is in the dom/locale-maketext-version branch of the git repository
at <http://anonscm.debian.org/gitweb/?p=perl/perl.git>.

Note that if you approve this, I would still want to get feedback from
Niko, co-maintainer of the perl pacakge, before an upload.

This also affects stable, and so I've also CCed the security team
(the problem was introduced in a DSA).

Thanks as always for your excellent work (especially during the freeze)
and apologies for bringing such a thorny issue to you this close to
release.

Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: perl-locale-maketext-versioning.diff
Type: text/x-diff
Size: 20279 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/perl-maintainers/attachments/20130331/bd8df722/attachment.diff>