Bug#862901: release-notes: further update to perl @INC change
Further to #859129, please consider this additional patch which refers
to a possible workaround for local issues, and freshly-minted upstream
documentation for developers on the topic.
--- en/issues.dbk (revision 11492)
+++ en/issues.dbk (working copy)
@@ -710,6 +710,25 @@
<literal>require()</literal>, <literal>do()</literal> etc., where the
arguments are files in the current directory.
+ <!-- the link below is temporary; this would ideally point to
+ perldoc.perl.org once 5.26.0 is released since that is more
+ stable -->
+ All perl programs and module shipped by Debian should have been
+ fixed to address any incompatibilities caused by the above; please
+ file bugs if this is not the case. As the change has now been made
+ in perl 5.26.0, third-party software should also start to be fixed.
+ Information about how to fix this issue for developers is provided
+ in the <ulink url="https://perl5.git.perl.org/perl.git/blob_plain/HEAD:/pod/perldelta.pod">perl 5.26 release notes</ulink> (see the SECURITY section).
+ If needed you can temporarily reinstate <literal>.</literal> in
+ <literal>@INC</literal> globally by commenting out the line in
+ <filename>/etc/perl/sitecustomize.pl</filename> but you should
+ only do this with a understanding of the potential risks. This
+ workaround will be removed in &debian; &nextrelease;. You can
+ also set the <literal>PERL_USE_UNSAFE_INC</literal> environment
+ variable in a specific context which will have the same effect. </para>