summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2007-12-17 19:25:44 -0500
committerJoey Hess <joey@kitenet.net>2007-12-17 19:25:44 -0500
commit67dcf175cbe6241f0dcf3564424ca178476ebdfb (patch)
tree91198940209ee45e2720152c94daa641450234a7
parentbe85c0ca6d22ad4e566decab30edf494e07f51bf (diff)
* Work around perl taint checking bug #411786, where perl sometimes randomly
sets the taint flag on untainted variables, by disabling taint checking in the deb. This sucks.
-rw-r--r--debian/changelog3
-rwxr-xr-xdebian/rules3
-rw-r--r--doc/bugs/Insecure_dependency_in_mkdir.mdwn4
3 files changed, 7 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index 3d9f01207..fe3c6b16c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -59,6 +59,9 @@ ikiwiki (2.16) UNRELEASED; urgency=low
* Re-organise dependencies and recommends now that recommends are installed
by default.
* Don't refuse to render files with ".." in their name. (Anchor the regexp.)
+ * Work around perl taint checking bug #411786, where perl sometimes randomly
+ sets the taint flag on untainted variables, by disabling taint checking
+ in the deb. This sucks.
-- Joey Hess <joeyh@debian.org> Sun, 16 Dec 2007 16:55:23 -0500
diff --git a/debian/rules b/debian/rules
index af33131d9..ef0e7f827 100755
--- a/debian/rules
+++ b/debian/rules
@@ -4,7 +4,8 @@ build: build-stamp
build-stamp:
dh_testdir
perl Makefile.PL PREFIX=/usr INSTALLDIRS=vendor
- $(MAKE)
+ # taint checking disabled due to perl bug #411786
+ $(MAKE) NOTAINT=1
$(MAKE) test
touch build-stamp
diff --git a/doc/bugs/Insecure_dependency_in_mkdir.mdwn b/doc/bugs/Insecure_dependency_in_mkdir.mdwn
index 4c7d8ebbe..68fb2cb57 100644
--- a/doc/bugs/Insecure_dependency_in_mkdir.mdwn
+++ b/doc/bugs/Insecure_dependency_in_mkdir.mdwn
@@ -59,5 +59,5 @@ I can't see any related entries. Any ideas?
>> --[[Joey]]
>> I'd forgotten about [this perl bug](http://bugs.debian.org/411786).
->> If your problem is that bug, I can't help, it's a real bug in perl.
->> --[[Joey]]
+>> All I can do is work around it by disabling the taint checking. :-(
+>> (Which I've [[done]].) --[[Joey]]