-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 25 Jul 2016 16:00:43 +0100 Source: perl Binary: perl-base perl-doc perl-debug libperl5.22 libperl-dev perl-modules-5.22 perl Architecture: source Version: 5.22.2-3 Distribution: unstable Urgency: high Maintainer: Niko Tyni <ntyni@debian.org> Changed-By: Dominic Hargreaves <dom@earth.li> Description: libperl-dev - Perl library: development files libperl5.22 - shared Perl library perl - Larry Wall's Practical Extraction and Report Language perl-base - minimal Perl system perl-debug - debug-enabled Perl interpreter perl-doc - Perl documentation perl-modules-5.22 - Core Perl modules Changes: perl (5.22.2-3) unstable; urgency=high . * [SECURITY] CVE-2016-1238: opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory (which might be changed to another directory without the user realising). + allow user configurable removal of "." from @INC in /etc/perl/sitecustomize.pl for a transitional period. (See: #588017) + backport patches from [perl #127834] to fix known vulnerabilities even if the user does not configure "." to be removed from @INC + backport patches from [perl #127810] to fix various classes of build failures in perl and CPAN modules if "." is removed from @INC Checksums-Sha1: c280ae82ae30e33069cd739025522e72b135fae1 2333 perl_5.22.2-3.dsc 7496d32b4b9a2dbcfa59cb9fcdebfe52b3923eb1 161824 perl_5.22.2-3.debian.tar.xz Checksums-Sha256: a79e735efc06695a21ea3f4ab426bac99ee02815176d5bdc2c35c64e2d637a49 2333 perl_5.22.2-3.dsc 9831b979c752b97a4c6ca399dfb51e57b2c2c9dcd6bf30ff47cc97440974a0cc 161824 perl_5.22.2-3.debian.tar.xz Files: 1e2937be0012bede23fd5807b91936fe 2333 perl standard perl_5.22.2-3.dsc 7caa7d2964a0d72aa901c10106254aa9 161824 perl standard perl_5.22.2-3.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXljHQAAoJEMAFfnFNaU+yK2EQAM7AL/TTJ6wDDqug1mxRTfRQ xSh8spxCUkuqqOd9IVQl/cPm49HSKqLhqBDGRI3CghBFDqzIMIHgHrp2/P5ybR9J NzWU9MIn8i4jwIgqMF51FTdBqwRzuqNeWMb2sLGQiZvbF2Fu2DPnsYu44eRcAw50 gvd/Swv6fdJv8kgBR98AsWeERYe6Et+svmJNH/Hx1vl2GQoqqIHHrSx0PkJoLJ02 DoLnfawOr0fAXj1nMweYHSZSk6obR86IFCkd+VUVSgdXYOZw536DhDl1M5gMxxO4 1Yt9RXgDgeqFspAfY36d87CctJiMi+iMA0cAYEuMqyMkGj+IDJUHqDufqdmMGixz oFIUFRRALlcsdgHcZ6mx3WdjrtRq16kK251Spi599WkJQCmqD3Skuk8dNxQ/T0Fj PUqZN+VApBXbxwOtI4pjET4I9cQYCCRHVIfHFQy3RE2zqVLxY2Hfy5duTuKZcxcT CmfmoCM0SqcRC8NRfAjQ2kkY0u4+wgem8Vf84KEkvkmiFrjZHPqPNKAMaFNYEYgv KW5Yj5g5Q5zVTaM/EFNVlacu/kSStyYVqdvENgoRMgllTdBHSW2ssdersFH5NbCT lCq6e7wuCQac9BQjqkONgYNBZ5iStNUhMmuJ/GuyRuJF8CCu3inGLkoxlxkagrdW 5QmUJhvnGih85QVIEG/T =Zdzh -----END PGP SIGNATURE-----
