perl-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoffrey Young <>
Subject Re: Security Fix [mp2]
Date Fri, 23 Mar 2007 15:07:54 GMT
Fred Moyer wrote:
> Geoffrey Young wrote:
>> Fred Moyer wrote:
>>> Philip gave a +1 here -
>>> I think I need another +1, right?
>> I'll work on it now.  this needs tests, though.  definitely in mp2, and
>> in mp1 if we can figure it out :)
> Ok I will add tests for this.  Sorry if I jumped the gun with the patch
> - was concerned that we were in some danger here, but reading through
> threads this morning I realize that those concerns may have been premature.

nope, you're good.

I've figured out that nothing we ship as a real handler in mp2 is
affected, and you can see why if you trace the cooker code back.

if you want to whip up a test for a custom cooker module feel free, but
I think we're ok.  I'll commit the test I have that doesn't break but
exercises the security breach.

in light of this, I don't think we need to force our a mp2 release.  but
I'll RM a mp1 release now.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message