| Summary: | perl-CPANPLUS: unnecessary download of 03modlist.data.gz | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Florian Weimer <fweimer> | ||||||
| Component: | perl-CPANPLUS | Assignee: | perl-maint-list | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Martin Kyral <mkyral> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 7.0 | CC: | mkyral, ppisar | ||||||
| Target Milestone: | rc | Keywords: | Patch | ||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | perl-CPANPLUS-0.91.38-3.el7 | Doc Type: | Bug Fix | ||||||
| Doc Text: |
Cause:
Running cpanp command.
Consequence:
CPANPLUS mirrors 03modlist.data.gz which is not used by
CPANPLUS anymore.
Fix:
CPANPLUS::Internals::Source Perl module has been modified
not to download dslip database.
Result:
CPANPLUS does not perform useless downloads anymore.
|
Story Points: | --- | ||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2014-06-12 07:56:57 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 1035754 | ||||||||
| Attachments: |
|
||||||||
Indeed, the file seems unused now. I will propose a patch to the upstream. Created attachment 834310 [details]
Proposed fix
Created attachment 835171 [details]
Upstream fix
The patch has been accepted by upstream as:
commit 68f75c070e1c77a63164a8d127ea775d0ddb62dc
Author: Petr Písař <ppisar>
Date: Mon Dec 9 19:52:01 2013 +0000
[RT#91273] Useless downloading 03modlist.data.gz
|
The modlist parser has been disabled with this line in lib/CPANPLUS/Internals/Source.pm: return {}; # Quick hack which was added to the __create_dslip_tree sub. This is nice because of the evals further down, which appear to enable arbitrary code execution. However, the 03modlist.data.gz file is still downloaded and stored locally, which seems wasteful.