Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC - nntp.perl.org

Front page | perl.perl5.porters | Postings from August 2021

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC

Thread Previous | Thread Next

From:

Achim Gratz

Date:

August 14, 2021 17:26

Subject:

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC

Message ID:

87k0koj5xd.fsf@Rainer.invalid

Dan Book writes:
> A less fragile version of this would be:
>
> require File::Basename;
> local @INC = File::Basename::dirname($INC{'Encode.pm'});

Good idea, plus it would actually work, since this module is in the
perl_base package, so always available.  I'll do that in the next
release.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Wavetables for the Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#BlofeldUserWavetables

Thread Previous | Thread Next

CVE-2021-36770: Encode.pm loads code from outside expected @INC by Ricardo Signes

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Achim Gratz

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Dan Book

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Achim Gratz
Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Dan Book

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Leon Timmermans

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Achim Gratz

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Dan Book

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by ASSI

Re: CVE-2021-36770: Encode.pm loads code from outside expected @INC by Dan Book

[Encode] 3.12 Released, update NOW to address CVE-2021-36770 by Dan Kogai

[Encode] 3.13 Released by Dan Kogai

[Encode] 3.14 Released by Dan Kogai

Re: [Encode] 3.14 Released by Eric Wong

[Encode] 3.15 Released by Dan Kogai

[Encode] 3.16 Released by Dan Kogai

[Encode] 3.17 Released by Dan Kogai

[Encode] 3.18 Released by Dan Kogai

[Encode] 3.19 Released by Dan Kogai

Re: [Encode] 3.19 Released by James E Keenan

Re: [Encode] 3.18 Released by Yuki Kimoto

Re: [Encode] 3.15 Released by James E Keenan

leak testing modules [was: [Encode] 3.15 Released] by Eric Wong

Leak testing WAS Re: leak testing modules [was: [Encode] 3.15Released] by Felipe Gasper
Re: leak testing modules [was: [Encode] 3.15 Released] by Paul "LeoNerd" Evans

Re: leak testing modules [was: [Encode] 3.15 Released] by Eric Wong

Re: leak testing modules [was: [Encode] 3.15 Released] by H.Merijn Brand

Re: [Encode] 3.13 Released by Yuki Kimoto

nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About