Bug#867170: perl: lingering base.pm vulnerability in stretch+sid
Dominic Hargreaves
dom at earth.li
Tue Jul 4 13:46:56 UTC 2017
Source: perl
Version: 5.24.1~rc5-1
Severity: important
In 5.24.1~rc5-1 the previous base.pm change was reverted because it
broke compatibility. This leaves a lingering potential security issue
(not very exposed because '.' is removed from @INC by default, but
still theoretically there).
Both to fix the lingering security issue, and for consistency with
other releases (see #867164) we should apply the new version of
the base.pm fix descibed there sid (and probably stretch too).
More information about the Perl-maintainers
mailing list