Perl library Dpkg::Index no longer usable with Perl taint mode enabled

Bug #1774041 reported by David McBride
Affects: dpkg (Ubuntu) | Status: New | Importance: Undecided | Assigned to: Unassigned

Bug Description

The Perl library Dpkg::Index used to be usable with taint mode (-T) enabled.

Specifically, it worked when using package 1.18.4ubuntu1 of libdpkg-perl in Ubuntu 16.04. This has since regressed in Ubuntu 18.04, which uses version 1.19.0.5ubuntu2.

The following perl script demonstrates the issue:

#!/usr/bin/perl -wT

use strict;
use warnings;

use Dpkg::Index;

1;

This script completes without error when run against 1.18. Running it against 1.19 results in the following taint error in the Dpkg::Vendor component, one of Dpkg::Index's dependencies:

% perl -wT poc.pl
Insecure dependency in eval while running with -T switch at /usr/share/perl5/Dpkg/Vendor.pm line 164.
Compilation failed in require at /usr/share/perl5/Dpkg/Control/Hash.pm line 25.
BEGIN failed--compilation aborted at /usr/share/perl5/Dpkg/Control/Hash.pm line 25.
Compilation failed in require at /usr/share/perl5/Dpkg/Control.pm line 47.
BEGIN failed--compilation aborted at /usr/share/perl5/Dpkg/Control.pm line 47.
Compilation failed in require at /usr/share/perl5/Dpkg/Index.pm line 26.
BEGIN failed--compilation aborted at /usr/share/perl5/Dpkg/Index.pm line 26.
Compilation failed in require at poc.pl line 6.
BEGIN failed--compilation aborted at poc.pl line 6.

This corresponds to the following code in get_vendor_object():

        eval qq{
            pop \@INC if \$INC[-1] eq '.';
            require Dpkg::Vendor::$name;
            \$obj = Dpkg::Vendor::$name->new();
        };

Commenting out the 'pop' line does not prevent the "Insecure dependency" error.
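The mechanism behind the error, as an added example that is not part of the bug report and not dpkg's own code: under -T, any string eval whose source text contains tainted data dies with "Insecure dependency in eval", whatever else the string contains, which is why removing the pop line changes nothing. The script below reproduces that with a vendor name read from a made-up environment variable DEMO_VENDOR (where Dpkg::Vendor actually gets $name from is not shown on this page), then untaints the name with a regex capture and runs the same string eval again. The helper names, the stand-in object built inside the eval and the [A-Za-z0-9_] character class are all assumptions made for this example.

```perl
#!/usr/bin/perl -T
# Added example (not from the bug report and not dpkg's own code): why a
# string eval that interpolates outside data dies under -T, and how
# untainting by regex capture fixes it. Run as: perl -T taint_eval.pl
use strict;
use warnings;

# perlsec idiom: true if $val carries the taint flag.
sub is_tainted {
    my ($val) = @_;
    local $@;
    return !eval { eval('#' . substr($val, 0, 0)); 1 };
}

# Same shape as get_vendor_object() in the report: the vendor name is
# interpolated into Perl source text that is then eval'ed. The taint
# check fires before the string eval's own frame exists, so the error
# escapes that eval (the report's backtrace shows it leaving
# get_vendor_object); an enclosing block eval catches it and leaves the
# message in $@. Returns the constructed object, or undef on failure.
sub load_by_string_eval {
    my ($name) = @_;
    my $obj = eval {
        my $r = eval qq{
            # stand-in for: require Dpkg::Vendor::\$name; ...->new()
            my \$o = { vendor => '$name' };
            \$o;
        };
        die $@ if !defined $r;
        $r;
    };
    return $obj;
}

# Untainting: the only thing that clears the taint flag is a regex
# capture, so validation and laundering happen in one step. Restricting
# vendor names to [A-Za-z0-9_] is an assumption made for this example.
sub untaint_vendor_name {
    my ($name) = @_;
    return $1 if $name =~ /\A([A-Za-z0-9_]+)\z/;
    die "refusing vendor name '$name': not a plain identifier\n";
}

# DEMO_VENDOR is a made-up variable for this script. Under -T every value
# read from %ENV is tainted; the zero-length substr of $ENV{PATH} keeps
# the demo value tainted even when DEMO_VENDOR is unset.
my $name = ($ENV{DEMO_VENDOR} // 'Debian') . substr($ENV{PATH} // '', 0, 0);

printf "'%s' %s tainted\n", $name, is_tainted($name) ? 'is' : 'is not';
my $obj = load_by_string_eval($name);
print defined $obj ? "string eval succeeded\n" : "string eval failed: $@";

my $clean = untaint_vendor_name($name);
printf "'%s' %s tainted after the capture\n", $clean, is_tainted($clean) ? 'is' : 'is not';
$obj = load_by_string_eval($clean);
print defined $obj ? "string eval succeeded for vendor '$obj->{vendor}'\n"
                   : "string eval failed: $@";
```

The first load_by_string_eval call fails with the same "Insecure dependency in eval while running with -T switch" message as in the report; after the capture the identical eval succeeds. The script must be started with -T on the command line (perl -T taint_eval.pl, as the reporter ran poc.pl), since a -T that appears only in the shebang is rejected as too late. The capture is also what makes the string eval safe in the first place: without a character-class restriction, a name containing a quote or a semicolon would be interpolated straight into executable Perl.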
