You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2010/03/02 17:09:47 UTC

[Bug 6341] make test failure for taint on config_tree_recurse

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6341

--- Comment #1 from Mark Martinec <Ma...@ijs.si> 2010-03-02 16:09:46 UTC ---
(In reply to comment #0)
> NOTE: this might be related to config_tree_recurse bug 6019
> 
> t/config_tree_recurse.............Insecure dependency in unlink while running
> with -T switch at /usr/lib/perl5/5.6.1/File/Path.pm line 233.
> t/config_tree_recurse.............dubious
>         Test returned status 17 (wstat 4352, 0x1100) 
> 
> perl is older 5.6.1, obviously.  
> 
> File::Path was upgraded to latest 2.0.8.  I stumbled on this while testing the
> SVN trunk and spamd errors on multiple systems.  I'm opening a ticket primarily
> because it might be a larger issue.

That was fixed in later versions of File::Path, the 2.0.8 does not seem
to be recent enough. Not sure which one brought the untainting fix,
it is certainly present in later versions. Try:
  $ perl -le 'use File::Path; print File::Path->VERSION'
mine reports 2.08 .

-- 
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.