From e23baf131a48342bff7a00f06b2f84abbf139847 Mon Sep 17 00:00:00 2001 From: Karen Etheridge Date: Mon, 1 Mar 2021 14:17:13 -0800 Subject: [PATCH] Vulnerabilities in cpan/ modules still affect perl; we should handle them --- pod/perlsecpolicy.pod | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pod/perlsecpolicy.pod b/pod/perlsecpolicy.pod index 07a702495dfe..734ce527a348 100644 --- a/pod/perlsecpolicy.pod +++ b/pod/perlsecpolicy.pod @@ -92,8 +92,10 @@ core Perl repository =back Files under the F directory in Perl's repository and release tarballs are -developed and maintained independently. The Perl security team does not handle -security issues for these modules. +developed and maintained independently. The Perl security team does not +directly handle security issues for these modules, but since this code is +bundled with Perl, we will assist in forwarding the issue to the relevant +maintainer(s) and you can still report these issues to us in secrecy. =head2 Bugs that may qualify as security issues in Perl