diff options
| author | Steve Hay <steve.m.hay@googlemail.com> | 2016-07-29 08:12:07 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-07-29 08:12:07 +0100 |
| commit | bd91c3dffe77ffe31ed245ed571cb1a7f74c5afd (patch) | |
| tree | 5d6e872195fac3b80075a0304e443f310975ffd2 | |
| parent | 95330178b26b96232dddb188f82ad33da0d0b293 (diff) | |
| parent | 0d6c5b25583e098b7b85ff89a9a74f8e7d80ba55 (diff) | |
| download | perl-libnet-bd91c3dffe77ffe31ed245ed571cb1a7f74c5afd.tar.gz | |
Merge pull request #29 from tonycoz/cve-2016-1238
CVE-2016-1238: avoid loading Net::LocalCfg from default .
| -rw-r--r-- | lib/Net/Config.pm | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/Net/Config.pm b/lib/Net/Config.pm index 0fb8713..a593538 100644 --- a/lib/Net/Config.pm +++ b/lib/Net/Config.pm @@ -24,7 +24,12 @@ our $VERSION = "3.10"; our($CONFIGURE, $LIBNET_CFG); -eval { local $SIG{__DIE__}; require Net::LocalCfg }; +eval { + local @INC = @INC; + pop @INC if $INC[-1] eq '.'; + local $SIG{__DIE__}; + require Net::LocalCfg; +}; our %NetConfig = ( nntp_hosts => [], |