Re: Bug#610384: libparallel-forkmanager-perl: new upstream version

To: John Lightsey <john@nixnuts.net>, 610384@bugs.debian.org
Cc: Matt Taggart <taggart@debian.org>, debian-perl@lists.debian.org
Subject: Re: Bug#610384: libparallel-forkmanager-perl: new upstream version
From: Damyan Ivanov <dmn@debian.org>
Date: Thu, 28 Mar 2013 16:58:25 +0200
Message-id: <[🔎] 20130328145825.GA13117@pc1.creditreform.bg>
Mail-followup-to: Damyan Ivanov <dmn@debian.org>, John Lightsey <john@nixnuts.net>, 610384@bugs.debian.org, Matt Taggart <taggart@debian.org>, debian-perl@lists.debian.org
In-reply-to: <4DD47175.1090301@nixnuts.net>
References: <20110118051921.99F1CD6C2B@taggart.lackof.org> <4DD47175.1090301@nixnuts.net>

-=| John Lightsey, 18.05.2011 20:25:09 -0500 |=-
> tags 610384 + wontfix
> thanks
> 
> The handling of files in /tmp with Parallel::Forkmanager 0.7.6+ is very
> insecure.
> 
> http://rt.cpan.org/Ticket/Display.html?id=68298

Dear John,

It seems to me that the current upstream version (1.03) of 
Parallel::ForkManager is better in handling temporary files. Although 
all the files still use predictable names, they are all created in 
a directory created by File::Temp::tmpdir, which should be safe enough 
AIUI.

Maybe you would consider uploading an updated package? Experimental 
should be fine if you don't want to disturb the freeze.


As an alternative, in case you don't have time for this package, 
I offer to take it over to the pkg-perl team (which you are welcome to 
join too).

Best regards,
    dam

Reply to:

Follow-Ups:
- Re: Bug#610384: libparallel-forkmanager-perl: new upstream version
  - From: John Lightsey <john@nixnuts.net>

Prev by Date: Re: Introduction Dirk
Next by Date: Re: Bug#610384: libparallel-forkmanager-perl: new upstream version
Previous by thread: Re: Introduction Dirk
Next by thread: Re: Bug#610384: libparallel-forkmanager-perl: new upstream version
Index(es):
- Date
- Thread