Vulnerabilities in cpan/ modules still affect perl; we should handle them

author: Karen Etheridge <ether@cpan.org> 2021-03-01 14:17:13 -0800
committer: Nicholas Clark <nick@ccl4.org> 2021-05-28 14:54:30 +0000
commit: 47199f631235f78bf077f54a7305bd518d5dcb35 (patch)
tree: 867a3c2581adec3936e1acca828fd1f3126d98ed /pod/perlsecpolicy.pod
parent: 1e870beca985cb6a4dbf3d59bc34b4a36b7280b1 (diff)
download: perl-47199f631235f78bf077f54a7305bd518d5dcb35.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/pod/perlsecpolicy.pod b/pod/perlsecpolicy.pod
index a982dc7176..456251bc0d 100644
--- a/pod/perlsecpolicy.pod
+++ b/pod/perlsecpolicy.pod
@@ -91,8 +91,10 @@ core Perl repository
 =back
 
 Files under the F<cpan/> directory in Perl's repository and release tarballs are
-developed and maintained independently. The Perl security team does not handle
-security issues for these modules.
+developed and maintained independently. The Perl security team does not
+directly handle security issues for these modules, but since this code is
+bundled with Perl, we will assist in forwarding the issue to the relevant
+maintainer(s) and you can still report these issues to us in secrecy.
 
 =head2 Bugs that may qualify as security issues in Perl
author	Karen Etheridge <ether@cpan.org>	2021-03-01 14:17:13 -0800
committer	Nicholas Clark <nick@ccl4.org>	2021-05-28 14:54:30 +0000
commit	47199f631235f78bf077f54a7305bd518d5dcb35 (patch)
tree	867a3c2581adec3936e1acca828fd1f3126d98ed /pod/perlsecpolicy.pod
parent	1e870beca985cb6a4dbf3d59bc34b4a36b7280b1 (diff)
download	perl-47199f631235f78bf077f54a7305bd518d5dcb35.tar.gz