On Wed, 2012-12-26 at 15:45 -0600, Todd Rinaldo wrote:
> The upcoming release will include perl 5.14.3 provided as a set of RPMs
> installed to the prefix /usr/local/cpanel/3rdparty/perl/514. We are
> working to step away from messing with /usr/bin/perl since it breaks
> what CentOS can and can't install.

To make sure I understand you correctly -- you mean the upcoming January release will ship with a stock /usr/bin/perl, and cPanel will run out of its own perl installed into /usr/local/cpanel/3rdparty/perl/514?

> We will ship a patched version of Storable based on 2.39 (2.40 is just
> a doc release, right?).

2.40 is a doc release, yes. However, it documents the vulnerability in question, so I find it surprising that you would not build upon that.

Implicit in this statement of shipping a patched version of Storable is that you intend to privately fork Storable again, merely starting from 2.39 this time. Can you explain the rationale behind not submitting those patches to the core Storable, so that you can ship an official release?

We will likely be suggesting that cPanel customers install a separate perl for RT; of course, due to other vendor problems (Scalar::Util shipped without weaken, Sys::Syslog or File::Temp being forcibly downgraded by yum, etc), we oft-times already suggest that.

 - Alex