Bug#880368: YAML::XS::Load expects utf8 octets, not perl's encoding; use slurp_raw
Don Armstrong
don at debian.org
Sun Nov 5 20:23:17 UTC 2017
On Sun, 05 Nov 2017, Dominique Dumont wrote:
> Anyway, using YAML::Any has several problems:
> - it's deprecated
> - it may load YAML or YAML::XS which have some security issues [1]
Heh; that's a pretty nice bug.
> Instead, I'm going to replace YAML::Any with YAML::Tiny (which is more than
> enough in this case).
Sounds great; any solution is good for me. [I just want to be able to
write out UTF-8 names of copyright holders.]
> Thanks for the report . This helps me improve dpkg model for cme (and
> led to the release of Config::Model::Tester 3.003 which did not handle
> utf-8 correctly while checking file content).
No problem! Thanks for maintaining this. [It made updating
debian/copyright in autorandr much, much easier.]
--
Don Armstrong https://www.donarmstrong.com
The game of science is, in principle, without end. He who decides one
day that scientific statements do not call for any further test, and
that they can be regarded as finally verified, retires from the game.
-- Sir Karl Popper _The Logic of Scientific Discovery_ §11
More information about the pkg-perl-maintainers
mailing list