On Thu, 22 Jun 2017 21:33:27 +0200, gregor herrmann wrote:
> Basically the diff between 0.422000-1 (with our changes) and 0.422400-1
> (with a different fix and without our patch) is:
>
>
> @@ -1824,6 +1824,11 @@ sub print_build_script {
> my $shebang = $self->_startperl;
> my $magic_number = $self->magic_number;
>
> +my $dot_in_inc_code = $INC[-1] eq '.' ? <<'END' : '';
> + if ($INC[-1] ne '.') {
> + push @INC, '.';
> + }
> +END
> print $fh <<EOF;
> $shebang
>
> @@ -1860,8 +1865,7 @@ BEGIN {
> (
> $quoted_INC
> );
> - push \@INC, "." unless grep { \$_ eq "." } \@INC; # Force my process to
> include . in \@INC.
> - \$ENV{"PERL_USE_UNSAFE_INC"} = 1; # Force all child processes to include .
> in \@INC.
> +$dot_in_inc_code
> }
>
> close(*DATA) unless eof(*DATA); # ensure no open handles to this script
>
>
> So what is not there anymore is PERL_USE_UNSAFE_INC=1.Dom, I think you're our expert on dot-in-inc; do you think my hunch is correct that we need to add PERL_USE_UNSAFE_INC back? (And if yes, where would be the best place - in the $dot_in_inc_code, and if yes within the if(); or after $dot_in_inc_code is output in the second hunk of the above diff? Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Joan Baez: Gracias a la vida
signature.asc
Description: Digital Signature
