Potentially insecure Perl scripts
Mark Fowler
mark at twoshortplanks.com
Thu Jan 24 19:49:29 GMT 2019
On Thu, Jan 24, 2019 at 10:18 AM Ian Jackson <
ijackson at chiark.greenend.org.uk> wrote:
> To the Debian Perl maintainers: if I make a patch to make
> -p -n <>
> use the 3-argument form of open (or equivalent), will you apply it ?
>
> To the Debian security team: would you ship it in a security update ?
>
Wouldn't a less drastic approach be to change the vulnerable scripts to use
<<>> instead of <>?
Mark.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/perl-maintainers/attachments/20190124/262d64e8/attachment.html>
More information about the Perl-maintainers
mailing list