From: Tomas Doran Date: Wed, 21 Aug 2013 15:44:12 +0000 (-0700) Subject: Doc fix for CVE-2013-1437 X-Git-Tag: 1.000015~1 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=c0278e58ecbced5d852526c1c5d088c8df6ba618;p=p5sagit%2FModule-Metadata.git Doc fix for CVE-2013-1437 --- diff --git a/Changes b/Changes index cfc90f9..84369ca 100644 --- a/Changes +++ b/Changes @@ -1,5 +1,7 @@ Release history for Module-Metadata + - Change wording about safety/security to satisfy CVE-2013-1437 + 1.000014 - 2014-05-09 - Remove "now installs to 'site' for perl 5.12+" from last version diff --git a/lib/Module/Metadata.pm b/lib/Module/Metadata.pm index 0a15924..77458e4 100644 --- a/lib/Module/Metadata.pm +++ b/lib/Module/Metadata.pm @@ -800,8 +800,10 @@ Module::Metadata - Gather package and POD information from perl module files =head1 DESCRIPTION -This module provides a standard way to gather metadata about a .pm file -without executing unsafe code. +This module provides a standard way to gather metadata about a .pm file through +(mostly) static analysis and (some) code execution. When determining the +version of a module, the C<$VERSION> assignment is Ced, as is traditional +in the CPAN toolchain. =head1 USAGE