Mark.Martinec+sa at ijs
Jul 6, 2009, 5:22 PM
Post #2 of 2
(187 views)
Permalink
|
Warren,
> Something else is going wrong. sa-update fails with the *.pre files
> from trunk. If I delete and instead copy the *.pre files from 3.2.5,
> then sa-update succeeds.
>
> [root [at] newcapric ~]# sa-update
> Insecure dependency in mkdir while running with -T switch at
> /usr/lib/perl5/5.10.0/File/Path.pm line 104.
I've seen it last week, looks like an old Perl bug of a tainted $1
is rearing its head again. The following patch to File/Basename.pm
avoids the trouble:
--- Basename.pm~ 2009-06-09 16:31:34.000000000 +0200
+++ Basename.pm 2009-06-27 15:49:49.000000000 +0200
@@ -332,4 +332,5 @@
my $type = $Fileparse_fstype;
+ local $1;
if ($type eq 'MacOS') {
$_[0] =~ s/([^:]):\z/$1/s;
It is yet to be seen if it would be possible to provide a workaround
in SpamAssassin. Would you please open a bug report and let's
deal with this taint bug there.
Mark
|
