diff -up perl-5.10.0/lib/Module/Load/Conditional.pm.BAD perl-5.10.0/lib/Module/Load/Conditional.pm --- perl-5.10.0/lib/Module/Load/Conditional.pm.BAD 2007-12-18 05:47:07.000000000 -0500 +++ perl-5.10.0/lib/Module/Load/Conditional.pm 2008-03-08 15:26:18.000000000 -0500 @@ -9,7 +9,7 @@ use Locale::Maketext::Simple Style => ' use Carp (); use File::Spec (); use FileHandle (); -use version qw[qv]; +use version; use constant ON_VMS => $^O eq 'VMS'; @@ -18,7 +18,7 @@ BEGIN { $FIND_VERSION $ERROR $CHECK_INC_HASH]; use Exporter; @ISA = qw[Exporter]; - $VERSION = '0.22'; + $VERSION = '0.24'; $VERBOSE = 0; $FIND_VERSION = 1; $CHECK_INC_HASH = 0; @@ -280,8 +280,14 @@ sub check_install { ### use qv(), as it will deal with developer release number ### ie ones containing _ as well. This addresses bug report ### #29348: Version compare logic doesn't handle alphas? + ### + ### Update from JPeacock: apparently qv() and version->new + ### are different things, and we *must* use version->new + ### here, or things like #30056 might start happening $href->{uptodate} = - qv( $args->{version} ) <= qv( $href->{version} ) ? 1 : 0; + version->new( $args->{version} ) <= version->new( $href->{version} ) + ? 1 + : 0; } return $href; @@ -301,7 +307,8 @@ sub _parse_version { ### regex breaks under -T, we must modifiy it so ### it captures the entire expression, and eval /that/ ### rather than $_, which is insecure. - + my $taint_safe_str = do { $str =~ /(^.*$)/sm; $1 }; + if( $str =~ /(?new + ### are different things, and we *must* use version->new + ### here, or things like #30056 might start happening if ( !$args->{nocache} && defined $CACHE->{$mod}->{usable} - && (qv($CACHE->{$mod}->{version}||0) >= qv($href->{$mod})) + && (version->new( $CACHE->{$mod}->{version}||0 ) + >= version->new( $href->{$mod} ) ) ) { $error = loc( q[Already tried to use '%1', which was unsuccessful], $mod); last BLOCK;