develooper Front page | perl.perl5.porters | Postings from August 2012

Re: the "require" branch, maintperl, and security

Thread Previous | Thread Next
From:
Ricardo Signes
Date:
August 1, 2012 13:11
Subject:
Re: the "require" branch, maintperl, and security
Message ID:
20120801201118.GA25980@cancer.codesimply.com
* Nicholas Clark <nick@ccl4.org> [2012-07-26T05:50:06]
> On Wed, Jul 25, 2012 at 09:24:13PM -0000, Father Chrysostomos wrote:
> > rjbs wrote:
> > > The smoke-me/require branch contains a fix for this bug, and will land on
> > > blead shortly assuming further testing finds no problems.
> > 
> > That fix does not look correct to me.
> > 
> > Why should require ::foo be treated as require foo, but not ::::foo or
> > main::foo?
> 
> As to ::foo vs ::::foo, because they are not the same:
> [...]

The answer to the disagreement here is not obvious to me without more time, and
we've classified this problem as only a bug fix, rather than a critical
security issue, so I am tempted to get 5.16.1 shipped for the CLEAR bug fixes
rather than wait much longer for this.

If a consensus is reached Real Soon, great.  Otherwise, I'll probably try to
get this out and then spend time looking at the various ::::: forms.

-- 
rjbs

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About