Fix Encode(3p) loading module from incorrect relative path

This is upstream commit
https://github.com/Perl/perl5/commit/c1a937fef07c061600a0078f4cb53fe9c2136bb9

Quoting upstream:

    Without this fix, Encode::ConfigLocal can be loaded from a path
    relative to the current directory, because the || operator will
    evaluate @inc in scalar context, putting an integer as the only
    value in @inc.

Addresses CVE-2021-36770

diff --git a/gnu/usr.bin/perl/cpan/Encode/Encode.pm b/gnu/usr.bin/perl/cpan/Encode/Encode.pm
index de06ba1..e4a23d7 100644 (file)
--- a/gnu/usr.bin/perl/cpan/Encode/Encode.pm
+++ b/gnu/usr.bin/perl/cpan/Encode/Encode.pm
@@ -7,7 +7,8 @@ use warnings;
 use constant DEBUG => !!$ENV{PERL_ENCODE_DEBUG};
 our $VERSION;
 BEGIN {
-    $VERSION = sprintf "%d.%02d", q$Revision: 3.06 $ =~ /(\d+)/g;
+    $VERSION = "3.06_01";
+    $VERSION = eval $VERSION;
     require XSLoader;
     XSLoader::load( __PACKAGE__, $VERSION );
 }
@@ -65,8 +66,8 @@ require Encode::Config;
 eval {
     local $SIG{__DIE__};
     local $SIG{__WARN__};
-    local @INC = @INC || ();
-    pop @INC if $INC[-1] eq '.';
+    local @INC = @INC;
+    pop @INC if @INC && $INC[-1] eq '.';
     require Encode::ConfigLocal;
 };