This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse the repository at this point in the history
CVE-2016-1238: don't load optional modules from default .
App::Cpan attempts to load several optional modules, which an attacker can use if cpan is run from a directory writable by other users, such as /tmp.
- Loading branch information
Showing 1 changed file with 16 additions and 5 deletions.