perl/hash_attack.t fails with perl 5.16.3-RC1

[John D Groenveld <jd...@elvis.arl.psu.edu>]

[Fri Mar 08 17:58:46 2013] [error] [client 127.0.0.1] Failed to mount the hash c
ollision attack at /tmp/mod_perl-2.0.7/t/response/TestPerl/hash_attack.pm line 1
03.\n

John
groenveld@acm.org

RE: perl/hash_attack.t fails with perl 5.16.3-RC1

[Steve Hay <St...@verosoftware.com>]

Steve Hay wrote on 2013-03-11:
> John D Groenveld wrote on 2013-03-08:
>> [Fri Mar 08 17:58:46 2013] [error] [client 127.0.0.1] Failed to
>> mount the hash c ollision attack at /tmp/mod_perl-
>> 2.0.7/t/response/TestPerl/hash_attack.pm line 1 03.\n
>> 
>> John
>> groenveld@acm.org
> 
> 
> Thanks for the report. This is a known test failure, brought about by
> the security fix which has just been applied to 5.16.3-RC1. 5.14.4,
> which has just been released, has the same test failure for the same
> reason. I have seen a patch for it on the perl5-security list, and
> will hopefully apply it soon.


This is now fixed in Subversion and will be in mod_perl-2.0.8, whenever
that gets released (hopefully not too long!).

RE: perl/hash_attack.t fails with perl 5.16.3-RC1

[Steve Hay <St...@verosoftware.com>]

John D Groenveld wrote on 2013-03-08:
> [Fri Mar 08 17:58:46 2013] [error] [client 127.0.0.1] Failed to mount
> the hash c ollision attack at /tmp/mod_perl-
> 2.0.7/t/response/TestPerl/hash_attack.pm line 1 03.\n
> 
> John
> groenveld@acm.org


Thanks for the report. This is a known test failure, brought about by
the security fix which has just been applied to 5.16.3-RC1. 5.14.4,
which has just been released, has the same test failure for the same
reason. I have seen a patch for it on the perl5-security list, and will
hopefully apply it soon.