/ 
PathTools-3.19
Security Advisories (2)
CVE-2016-1238 (2016-02-08)

Does not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.

CVE-2015-8607 (2016-01-11)

Does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Changes for version 3.19 - 2006-07-11

  • When abs2rel() is called with two relative paths (e.g. abs2rel('foo/bar/baz', 'foo/bar')) the resolution algorithm needlessly called cwd() (twice!) to turn both arguments into absolute paths. Now it avoids the cwd() calls with a workaround, making a big efficiency win when abs2rel() is called repeatedly. [Brendan O'Dea]
  • Added a build-time dependency on ExtUtils::Install version 1.39 when on Windows. This is necessary because version 1.39 knows how to replace an in-use Cwd shared library, but previous versions don't. [Suggested by Adam Kennedy]
  • Fixed File::Spec::Win32->canonpath('foo/../bar'), which was returning \bar, and now properly returns just bar. [Spotted by Heinrich Tegethoff]

Modules

Cwd
get pathname of current working directory
File::Spec
portably perform operations on file names
File::Spec::Cygwin
methods for Cygwin file specs
File::Spec::Epoc
methods for Epoc file specs
File::Spec::Functions
portably perform operations on file names
File::Spec::Mac
File::Spec for Mac OS (Classic)
File::Spec::OS2
methods for OS/2 file specs
File::Spec::Unix
File::Spec for Unix, base for other File::Spec modules
File::Spec::VMS
methods for VMS file specs
File::Spec::Win32
methods for Win32 file specs

Other files