develooper Front page | perl.perl5.porters | Postings from December 2012

security notice: Storable

Ricardo Signes
December 5, 2012 15:48
security notice: Storable
Message ID:

A number of times over the years, there's been discussion about Storable as a
vector for attack.  If a user can feed you Storable data that you didn't
expect, he has a good chance of doing nasty things to your program.  This has
been discussed on p5p and at YAPCs, but sadly never made it into the

This has been fixed with

A release to CPAN containing this warning will also be made soon.

Thanks to Brian Carlson of cPanel who brought this to our attention.

rjbs Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About