Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 675396

Summary: dev-lang/perl-5.28.0: source unpack triggers virusscanner
Product: Gentoo Linux Reporter: Fabian Groffen <grobian>
Component: Current packagesAssignee: Gentoo Perl team <perl>
Status: RESOLVED OBSOLETE    
Severity: normal CC: prefix
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Fabian Groffen gentoo-dev 2019-01-14 13:30:12 UTC
A bit annoying, unfortunately I cannot circumvent the virusscanner which freaks out on CVE-2015-1592.inc and immediately quarantains it, resulting in this:

>>> Configuring source in /Users/fabian/Gentoo-10.12/var/tmp/portage/dev-lang/perl-5.28.0/work/perl-5.28.0 ...
 * This version of perl may partially support modules previously
 * installed in any of the following paths:
 *  /Users/fabian/Gentoo-10.12/usr/lib/perl5/vendor_perl/5.26.2
 *  /usr/lib/perl5/5.26.2
 * This is a temporary measure and you should aim to cleanup these paths
 * via world updates and perl-cleaner
First let's make sure your kit is complete.  Checking...
ls: cannot access 'dist/Storable/t/CVE-2015-1592.inc': No such file or directory

THIS PACKAGE SEEMS TO BE INCOMPLETE.

You have the option of continuing the configuration process, despite the
distinct possibility that your kit is damaged, by typing 'y'es.  If you
do, don't blame me if something goes wrong.  I advise you to type 'n'o
and contact the author (perlbug@perl.org).

Continue? [n] ABORTING...
 * ERROR: dev-lang/perl-5.28.0::gentoo_prefix failed (configure phase):


Upstream has solved this as follows, but unless there will be a new source tar, this won't help, as the patch will fail (file already gone).

 https://perl5.git.perl.org/perl.git/commitdiff/fb5f378b17e3b41db03064c19b9205db64a3354c?hp=f9fd00352c933f36c59d5f87da1a1c4467703e83

Would it be possible to manually patch MANIFEST and dist/Storable/t/CVE-2015-1592.t, next to rm -f'ing the dist/Storable/t/CVE-2015-1592.inc file?  That way the virusscanner's doings just generate another alert, but the build can continue.

Any ideas welcome (including masking and waiting for a perhaps soon to come new release from upstream).

Thanks,
Fabian
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2019-05-11 17:43:26 UTC
I poked upstream and the code will likely be removed in 5.28.3 (sometime in June maybe).
Comment 2 Fabian Groffen gentoo-dev 2019-06-18 13:05:14 UTC
5.30 is out now, so nothing to do here