Back to perl PTS page

Accepted perl 5.22.2-3 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 25 Jul 2016 16:00:43 +0100
Source: perl
Binary: perl-base perl-doc perl-debug libperl5.22 libperl-dev perl-modules-5.22 perl
Architecture: source
Version: 5.22.2-3
Distribution: unstable
Urgency: high
Maintainer: Niko Tyni <ntyni@debian.org>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description:
 libperl-dev - Perl library: development files
 libperl5.22 - shared Perl library
 perl       - Larry Wall's Practical Extraction and Report Language
 perl-base  - minimal Perl system
 perl-debug - debug-enabled Perl interpreter
 perl-doc   - Perl documentation
 perl-modules-5.22 - Core Perl modules
Changes:
 perl (5.22.2-3) unstable; urgency=high
 .
   * [SECURITY] CVE-2016-1238: opportunistic loading of optional
     modules can make many programs unintentionally load code
     from the current working directory (which might be changed to
     another directory without the user realising).
     + allow user configurable removal of "." from @INC in
       /etc/perl/sitecustomize.pl for a transitional period. (See: #588017)
     + backport patches from [perl #127834] to fix known vulnerabilities
       even if the user does not configure "." to be removed from @INC
     + backport patches from [perl #127810] to fix various classes of
       build failures in perl and CPAN modules if "." is removed from
       @INC
Checksums-Sha1:
 c280ae82ae30e33069cd739025522e72b135fae1 2333 perl_5.22.2-3.dsc
 7496d32b4b9a2dbcfa59cb9fcdebfe52b3923eb1 161824 perl_5.22.2-3.debian.tar.xz
Checksums-Sha256:
 a79e735efc06695a21ea3f4ab426bac99ee02815176d5bdc2c35c64e2d637a49 2333 perl_5.22.2-3.dsc
 9831b979c752b97a4c6ca399dfb51e57b2c2c9dcd6bf30ff47cc97440974a0cc 161824 perl_5.22.2-3.debian.tar.xz
Files:
 1e2937be0012bede23fd5807b91936fe 2333 perl standard perl_5.22.2-3.dsc
 7caa7d2964a0d72aa901c10106254aa9 161824 perl standard perl_5.22.2-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJXljHQAAoJEMAFfnFNaU+yK2EQAM7AL/TTJ6wDDqug1mxRTfRQ
xSh8spxCUkuqqOd9IVQl/cPm49HSKqLhqBDGRI3CghBFDqzIMIHgHrp2/P5ybR9J
NzWU9MIn8i4jwIgqMF51FTdBqwRzuqNeWMb2sLGQiZvbF2Fu2DPnsYu44eRcAw50
gvd/Swv6fdJv8kgBR98AsWeERYe6Et+svmJNH/Hx1vl2GQoqqIHHrSx0PkJoLJ02
DoLnfawOr0fAXj1nMweYHSZSk6obR86IFCkd+VUVSgdXYOZw536DhDl1M5gMxxO4
1Yt9RXgDgeqFspAfY36d87CctJiMi+iMA0cAYEuMqyMkGj+IDJUHqDufqdmMGixz
oFIUFRRALlcsdgHcZ6mx3WdjrtRq16kK251Spi599WkJQCmqD3Skuk8dNxQ/T0Fj
PUqZN+VApBXbxwOtI4pjET4I9cQYCCRHVIfHFQy3RE2zqVLxY2Hfy5duTuKZcxcT
CmfmoCM0SqcRC8NRfAjQ2kkY0u4+wgem8Vf84KEkvkmiFrjZHPqPNKAMaFNYEYgv
KW5Yj5g5Q5zVTaM/EFNVlacu/kSStyYVqdvENgoRMgllTdBHSW2ssdersFH5NbCT
lCq6e7wuCQac9BQjqkONgYNBZ5iStNUhMmuJ/GuyRuJF8CCu3inGLkoxlxkagrdW
5QmUJhvnGih85QVIEG/T
=Zdzh
-----END PGP SIGNATURE-----