develooper Front page | perl.perl5.porters | Postings from December 2018

[perl #133706] Fwd: [perlorg/perlweb] Perl source code archiveperl-5.28.0.tar.gz triggers CVE2015-1592 alert in McAfee (#280)

From:
Tony Cook via RT
Date:
December 5, 2018 03:45
Subject:
[perl #133706] Fwd: [perlorg/perlweb] Perl source code archiveperl-5.28.0.tar.gz triggers CVE2015-1592 alert in McAfee (#280)
Message ID:
rt-4.0.24-7722-1543981475-1402.133706-15-0@perl.org
On Sun, 02 Dec 2018 21:25:01 -0800, tonyc wrote:
> On Sat, 01 Dec 2018 10:12:18 -0800, robert wrote:
> > FYI.
> 
> Maybe remove the packaged exploit code entirely, instead test the
> detection logic, per the attached patch.
> 
> I'll apply this in a couple of days unless someone objects.

Applied as fb5f378b17e3b41db03064c19b9205db64a3354c with an improved commit message.

Tony

---
via perlbug:  queue: perl5 status: open
https://rt.perl.org/Ticket/Display.html?id=133706



nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About