commit perl-HTTP-Daemon for openSUSE:Factory

Source-Sync Sat, 11 Mar 2023 09:24:44 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package perl-HTTP-Daemon for 
openSUSE:Factory checked in at 2023-03-11 18:23:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-HTTP-Daemon (Old)
 and      /work/SRC/openSUSE:Factory/.perl-HTTP-Daemon.new.31432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "perl-HTTP-Daemon"

Sat Mar 11 18:23:38 2023 rev:18 rq:1070691 version:6.16

Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-HTTP-Daemon/perl-HTTP-Daemon.changes        
2022-07-31 23:00:48.847669107 +0200
+++ 
/work/SRC/openSUSE:Factory/.perl-HTTP-Daemon.new.31432/perl-HTTP-Daemon.changes 
    2023-03-11 18:24:29.403021329 +0100
@@ -1,0 +2,28 @@
+Thu Mar  9 16:44:14 UTC 2023 - Tina MÃ¼ller <[email protected]>
+
+- Remove patches
+  - CVE-2022-31081-2.patch
+  - CVE-2022-31081-Add-new-test-for-Content-Length-issues.patch
+  - CVE-2022-31081.patch
+  They were fixed upstream (bsc#1201157)
+
+-------------------------------------------------------------------
+Sat Feb 25 03:06:35 UTC 2023 - Tina MÃ¼ller <[email protected]>
+
+- updated to 6.16
+   see /usr/share/doc/packages/perl-HTTP-Daemon/Changes
+
+  6.16      2023-02-24 03:07:14Z
+    - Bump LWP::UserAgent to 6.37 in TestSuggests (GH#65) (Olaf Alders)
+
+  6.15      2023-02-22 22:02:46Z
+    - Fix CVE-2022-31081: Inconsistent Interpretation of HTTP Requests
+      Correctly handle multiple Content-Length headers and its variants
+      (Theo van Hoesel)
+      Closes "Discrepancies in the Parsing of Content Length header ..." 
(GH#56)
+      (blessingcharles)
+    - kill test server with KILL rather than QUIT (GH#63) (Graham Knop)
+    - Create TestServer test lib for running daemon process (GH#62) (Graham 
Knop)
+    - Clean up tests (GH#61) (Graham Knop)
+
+-------------------------------------------------------------------

Old:
----
  CVE-2022-31081-2.patch
  CVE-2022-31081-Add-new-test-for-Content-Length-issues.patch
  CVE-2022-31081.patch
  HTTP-Daemon-6.14.tar.gz

New:
----
  HTTP-Daemon-6.16.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ perl-HTTP-Daemon.spec ++++++
--- /var/tmp/diff_new_pack.2BoDzu/_old  2023-03-11 18:24:29.979024332 +0100
+++ /var/tmp/diff_new_pack.2BoDzu/_new  2023-03-11 18:24:29.983024353 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package perl-HTTP-Daemon
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,18 +18,13 @@
 
 %define cpan_name HTTP-Daemon
 Name:           perl-HTTP-Daemon
-Version:        6.14
+Version:        6.16
 Release:        0
-Summary:        Simple http server class
 License:        Artistic-1.0 OR GPL-1.0-or-later
+Summary:        Simple http server class
 URL:            https://metacpan.org/release/%{cpan_name}
 Source0:        
https://cpan.metacpan.org/authors/id/O/OA/OALDERS/%{cpan_name}-%{version}.tar.gz
 Source1:        cpanspec.yml
-# PATCH-FIX-SECURITY bsc#1201157 [email protected]
-# Fix request smuggling in HTTP::Daemon
-Patch0:         CVE-2022-31081.patch
-Patch1:         CVE-2022-31081-2.patch
-Patch2:         CVE-2022-31081-Add-new-test-for-Content-Length-issues.patch
 BuildArch:      noarch
 BuildRequires:  perl
 BuildRequires:  perl-macros
@@ -37,14 +32,12 @@
 BuildRequires:  perl(HTTP::Request) >= 6
 BuildRequires:  perl(HTTP::Response) >= 6
 BuildRequires:  perl(HTTP::Status) >= 6
-BuildRequires:  perl(HTTP::Tiny) >= 0.042
 BuildRequires:  perl(IO::Socket::IP) >= 0.32
 BuildRequires:  perl(LWP::MediaTypes) >= 6
 BuildRequires:  perl(Module::Build::Tiny) >= 0.034
 BuildRequires:  perl(Module::Metadata)
 BuildRequires:  perl(Test::More) >= 0.98
 BuildRequires:  perl(Test::Needs)
-BuildRequires:  perl(URI)
 Requires:       perl(HTTP::Date) >= 6
 Requires:       perl(HTTP::Request) >= 6
 Requires:       perl(HTTP::Response) >= 6
@@ -70,8 +63,7 @@
 back various responses.
 
 %prep
-%autosetup  -n %{cpan_name}-%{version} -p1
-find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path 
"*/script/*" ! -name "configure" -print0 | xargs -0 chmod 644
+%autosetup  -n %{cpan_name}-%{version}
 
 %build
 perl Build.PL --installdirs=vendor

++++++ HTTP-Daemon-6.14.tar.gz -> HTTP-Daemon-6.16.tar.gz ++++++
++++ 4074 lines of diff (skipped)

commit perl-HTTP-Daemon for openSUSE:Factory

Reply via email to