From: Niko Tyni <ntyni@debian.org>
Date: Fri, 8 Jul 2016 15:55:37 +0200
Subject: [PATCH] Make Module::Build set PERL_UNSAFE_INC.

Cf. CVE-2016-1238

Author: Todd Rinaldo <toddr@cpan.org>
Origin: https://gist.githubusercontent.com/toddr/d77d8d5fa9caa8f96b7758a126caa4dc/raw/3b1a327efdd9a6babf5eed8fb9c241a6d4909be6/fix.patch
Bug: https://github.com/Perl-Toolchain-Gang/Module-Build/issues/69
---

 lib/Module/Build/Base.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/Module/Build/Base.pm b/lib/Module/Build/Base.pm
--- a/lib/Module/Build/Base.pm
+++ b/lib/Module/Build/Base.pm
@@ -1860,6 +1860,8 @@ BEGIN {
     (
 $quoted_INC
     );
+  push \@INC, "." unless grep { \$_ eq "." } \@INC; # Force my process to include . in \@INC.
+  \$ENV{"PERL_USE_UNSAFE_INC"} = 1; # Force all child processes to include . in \@INC.
 }
 
 close(*DATA) unless eof(*DATA); # ensure no open handles to this script