On Wed, Dec 05, 2012 at 04:05:01PM -0500, Ricardo Signes wrote:
> * Dominic Hargreaves <d...@earth.li> [2012-12-05T13:51:19]> > I wondered (and the question has arised within the Debian project) whether> > anyone might be relying on the previous behaviour? Have you been able to do> > any assessment of this?> > It's difficult to say, unfortunately, because (I suppose) most projects that> would use Locale::Maketext would not be CPAN projects, and so finding them is> not trivial.> > I did do some grepping of the CPAN and found zero cases.> > It should be quite easy to add this behavior back as optional, if we find> we've broken anything.> > I'm sorry I can't be more concrete!
Thanks for this. Has a CVE been assigned to this vulnerability yet,
and if so, what's the best way to do so?
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)