On 30.05.2013 23:18, Arch Website Notification wrote: > Insecure dependency in unlink while running with -T switch at /usr/share/perl5/vendor_perl/Net/Server/Daemonize.pm That has nothing to do with Net::Server, it's a bug in the code initially setting the variable used there. I have no idea why tainting behaviour seems to have changed with perl 5.18 (perldelta doesn't mention anything), but the only place I hit this problem was in spampd and there the variables were clearly tainted so I don't consider it a regression. If you are using that, please upgrade to the new version in AUR where I fixed those bugs. For more information about tainting please take a look at perlsec[1]. [1]: http://perldoc.perl.org/perlsec.html CC'ing arch-general since this might be interesting to someone.
Attachment:
signature.asc
Description: OpenPGP digital signature
