(posted to lfs-dev and blfs-dev) Just catching up with links from last week's lwn.net. I looks as if a number of perl modules which we reference will need to be fixed for 5.26.
The original perl article is at http://blogs.perl.org/users/ryan_voots/2017/04/trials-and-troubles-with-changing-inc.html and the list of affected modules (as of a couple of weeks ago) is at http://cpan.simcop2387.info/failed.html Hopefully, the ones we care about will be fixed. For anybody who uses manual builds it looks like the environment variable PERL_USE_UNSAFE_INC will need to be set on problematic packages (and Bruce will be happy that cpan will apparently set that automatically, so that he won't see the problems :) - but equally the potential vulnerability will persist. Fortunately, it looks as if Module::Install is the main cause of problems, so with luck that will be fixed before perl-5.26 hits us. But as with everything else, testing those packages you care about will be required. ĸen -- I live in a city. I know sparrows from starlings. After that everything is a duck as far as I'm concerned. -- Monstrous Regiment -- http://lists.linuxfromscratch.org/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
