Re: Bug#588017: perl: current directory in @INC potentially harmful
- To: 588017@bugs.debian.org, debian-release@lists.debian.org
- Subject: Re: Bug#588017: perl: current directory in @INC potentially harmful
- From: Dominic Hargreaves <dom@earth.li>
- Date: Sun, 15 Aug 2010 16:24:33 +0100
- Message-id: <[🔎] 20100815152433.GK547@urchin.earth.li>
- In-reply-to: <87iq3q9e91.fsf@marvin.43-1.org>
- References: <20100704051620.4417.21801.reportbug@marvin.43-1.org> <4C30C62B.50602@debian.org> <20100704174732.GG4484@urchin.earth.li> <20100712184734.GE4265@crustynet.org.uk> <20100804120252.GA21395@madeleine.local.invalid> <87iq3q9e91.fsf@marvin.43-1.org>
On Thu, Aug 05, 2010 at 07:58:34AM +0900, Ansgar Burchardt wrote:
> Niko Tyni <ntyni@debian.org> writes:
>
> > While I agree it's potentially harmful, I think fixing it has a very
> > high risk of breaking user scripts. It's definitely not something to do
> > in a stable security update, and I'm not enthusiastic about diverging
> > from upstream at all here.
>
> I agree. This is very likely to break things.
>
> > Ansgar, could you please discuss this upstream on the perl5-porters
> > list?
>
> Just sent a message there [1]. Let's see what they think about this.
Upstream agrees that this isn't readily fixable.
I think this means that a squeeze-ignore tag and/or a severity downgrade
would be appropriate here?
Cheers,
Dominic.
--
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
Reply to: