1 |
Description: Fix CVE-2016-1238: prevent arbitrary code execution |
2 |
Author: Dominic Hargreaves <dom@earth.li> |
3 |
Bug-Debian: https://bugs.debian.org/832439 |
4 |
Last-Update: 2016-07-26 |
5 |
--- |
6 |
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ |
7 |
--- a/lib/Unicode/LineBreak.pm |
8 |
+++ b/lib/Unicode/LineBreak.pm |
9 |
@@ -47,7 +47,11 @@ |
10 |
ViramaAsJoiner => 'YES', |
11 |
); |
12 |
our $Config = {}; |
13 |
-eval { require Unicode::LineBreak::Defaults; }; |
14 |
+eval { |
15 |
+ local @INC = @INC; |
16 |
+ pop @INC if $INC[-1] eq '.'; |
17 |
+ require Unicode::LineBreak::Defaults; |
18 |
+}; |
19 |
push @Config, (%$Config); |
20 |
|
21 |
### Exportable constants |
22 |
|