https://bugzilla.redhat.com/show_bug.cgi?id=2035273 --- Comment #5 from Tomas Hoger <thoger@xxxxxxxxxx> --- There is another fix needed to properly fix the first attack vector in addition to the commit already linked in comment 2 above: https://github.com/andk/cpanpm/commit/46fe910becd5746adca92e18660567c9e8d37eb5 https://github.com/andk/cpanpm/commit/7f9e5e8c52f535c1c13e177595a5ef4710c72058 https://github.com/andk/cpanpm/commit/c03257dbebccd4deeff1987d5efd98113643f717 These commits are also included in 2.29. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2035273 _______________________________________________ perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
