[Frugalware-git] frugalware-current: perl-lwp-protocol-https-6.06-2-x86_64

Sun, 20 Jul 2014 02:07:21 -0700 

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=303fe00151e111896610b7c72dfea289175252ed

commit 303fe00151e111896610b7c72dfea289175252ed
Author: kikadf <[email protected]>
Date:   Sun Jul 20 11:08:28 2014 +0200

perl-lwp-protocol-https-6.06-2-x86_64

* Fix CVE-2014-3230

diff --git a/source/lib-extra/perl-lwp-protocol-https/CVE-2014-3230.patch 
b/source/lib-extra/perl-lwp-protocol-https/CVE-2014-3230.patch
new file mode 100644
index 0000000..d672a7d
--- /dev/null
+++ b/source/lib-extra/perl-lwp-protocol-https/CVE-2014-3230.patch
@@ -0,0 +1,25 @@
+Description: Fix peer certificate verification
+ LWP::Protocol::HTTPS disabled peer certificate verification in case
+ only hostname verification was disabled.
+Origin: vendor
+Bug: https://github.com/libwww-perl/lwp-protocol-https/pull/14
+Bug-Debian: https://bugs.debian.org/746579
+Forwarded: not-needed
+Author: Steffen Ullrich <[email protected]>
+Last-Update: 2014-05-04
+
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -21,7 +21,11 @@
+       $ssl_opts{SSL_verifycn_scheme} = 'www';
+     }
+     else {
+-      $ssl_opts{SSL_verify_mode} = 0;
++      if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
++              $ssl_opts{SSL_verifycn_scheme} = '';
++      } else {
++              $ssl_opts{SSL_verifycn_scheme} = 'none';
++      }
+     }
+     if ($ssl_opts{SSL_verify_mode}) {
+       unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) 
{
diff --git a/source/lib-extra/perl-lwp-protocol-https/FrugalBuild 
b/source/lib-extra/perl-lwp-protocol-https/FrugalBuild
index 08a0ef9..fc5b233 100644
--- a/source/lib-extra/perl-lwp-protocol-https/FrugalBuild
+++ b/source/lib-extra/perl-lwp-protocol-https/FrugalBuild
@@ -7,7 +7,13 @@ pkgver=6.06
pkgdesc="Provides https support for LWP::UserAgent"
depends=('perl-io-socket-ssl' 'perl-mozilla-ca' 'perl-net-http' 'perl-libwww')
Finclude perl
-pkgrel=1
+pkgrel=2
groups=('lib-extra')
archs=('i686' 'x86_64')
sha1sums=('210a2f7ba3f82ffc7a18836d0a4356986080d407')
+
+# FSA fix ***
+source=(${source[@]} CVE-2014-3230.patch)
+sha1sums=(${sha1sums[@]} 'd40684ef3bae1ecbde8311a70ea51a68d2947f2d')
+# ***********
+
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to