Skip Menu |
 

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the YAML CPAN distribution.

Report information
The Basics
Id: 20342
Status: new
Priority: 0/
Queue: YAML

People
Owner: Nobody in particular
Requestors: steve [...] silug.org
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 0.62
Fixed in: (no value)



Subject: Test::YAML question/security concern
Download (untitled) / with headers
text/plain 532b
During a normal "make install", Test::YAML is installed on the system. Test::YAML includes this line: use lib 'lib'; It seems like that would be a security issue. Is Test::YAML intended to be a general-purpose tool for YAML hackers, or is it really just for testing YAML.pm? This was brought up regarding the Fedora Extras YAML package (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197539). For now I've just removed Test::YAML from the package, but if it is likely to be useful to others, I'll add it back in later.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.