I need to upgrade Storable to a sane version. It’s plastered with serious security issues and normal bugs, and hasn’t seen maintenance in years.
All recent fixes have come from us, which didn’t make it to cpan. See the latest version here, which fixes all of the known issues: https://github.com/perl11/cperl/tree/smoke/storable-classlen-rt130635/dist/Storable (sans ChangeLog updates) Major issues: - writable stack (serious security issue, p5p argues not so, POC in the test). - no 2GB support on 64bit systems. new LOBJECT tag for strings, array indices, hashes. POC in the tests. - bless and tie security restrictions with metasploit POC. Upstream is p5p which violently refuses to do their duties, so please let at least cpan and cperl have fixed versions. p5p will then eventually move it over to cpan/ -- Reini Urban rur...@cpanel.net
