[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Potentially insecure Perl scripts

On Thu, Jan 24, 2019 at 10:18 AM Ian Jackson <ijackson@chiark.greenend.org.uk> wrote:
To the Debian Perl maintainers: if I make a patch to make
  -p -n <>
use the 3-argument form of open (or equivalent), will you apply it ?

To the Debian security team: would you ship it in a security update ?

Wouldn't a less drastic approach be to change the vulnerable scripts to use <<>> instead of <>?


Reply to: