[CVS] OpenPKG: openpkg-re/vcheck/ vc.perl56 openpkg-src/perl56/ perl56...

Fri, 21 Nov 2003 12:11:35 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web openpkg$ Date:   21-Nov-2003 20:07:57
  Branch: HEAD                             Handle: 2003112119075402

  Modified files:
    openpkg-re/vcheck       vc.perl56
    openpkg-src/perl56      perl56.patch perl56.spec
    openpkg-web             news.txt

  Log:
    upgrading package: perl56 5.6.1 -> 5.6.2

  Summary:
    Revision    Changes     Path
    1.2         +1  -1      openpkg-re/vcheck/vc.perl56
    1.4         +46 -96     openpkg-src/perl56/perl56.patch
    1.9         +2  -2      openpkg-src/perl56/perl56.spec
    1.7491      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-re/vcheck/vc.perl56
  ============================================================================
  $ cvs diff -u -r1.1 -r1.2 vc.perl56
  --- openpkg-re/vcheck/vc.perl56       23 Jan 2003 15:14:38 -0000      1.1
  +++ openpkg-re/vcheck/vc.perl56       21 Nov 2003 19:07:54 -0000      1.2
  @@ -2,7 +2,7 @@
   }
   
   prog perl56 = {
  -  version   = 5.6.1
  +  version   = 5.6.2
     url       = ftp://ftp.cpan.org/pub/CPAN/src/
     regex     = perl-(5\.6\.\d+)\.tar\.gz
   }
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/perl56/perl56.patch
  ============================================================================
  $ cvs diff -u -r1.3 -r1.4 perl56.patch
  --- openpkg-src/perl56/perl56.patch   2 Oct 2003 13:24:58 -0000       1.3
  +++ openpkg-src/perl56/perl56.patch   21 Nov 2003 19:07:56 -0000      1.4
  @@ -1,57 +1,7 @@
  ---- ext/Opcode/Safe.pm.orig
  -+++ ext/Opcode/Safe.pm
  -@@ -213,7 +213,7 @@
  -     # Create anon sub ref in root of compartment.
  -     # Uses a closure (on $expr) to pass in the code to be executed.
  -     # (eval on one line to keep line numbers as expected by caller)
  --    my $evalcode = sprintf('package %s; sub { eval $expr; }', $root);
  -+    my $evalcode = sprintf('package %s; sub { @_ = (); eval $expr; }', $root);
  -     my $evalsub;
  - 
  -     if ($strict) { use strict; $evalsub = eval $evalcode; }
  -@@ -227,7 +227,7 @@
  -     my $root = $obj->{Root};
  - 
  -     my $evalsub = eval
  --        sprintf('package %s; sub { do $file }', $root);
  -+        sprintf('package %s; sub { @_ = (); do $file }', $root);
  -     return Opcode::_safe_call_sv($root, $obj->{Mask}, $evalsub);
  - }
  -
  ---- makedepend.SH.orig       Mon Mar 19 08:33:17 2001
  -+++ makedepend.SH    Sun May 19 15:17:49 2002
  -@@ -141,6 +141,8 @@
  -         $cppstdin $finc -I. $cppflags $cppminus <UU/$file.c |
  -         $sed \
  -                 -e '/^#.*<stdin>/d' \
  -+                -e '/^#.*<built-in>/d' \
  -+                -e '/^#.*<command line>/d' \
  -         -e '/^#.*"-"/d' \
  -         -e 's#\.[0-9][0-9]*\.c#'"$file.c#" \
  -         -e 's/^[     ]*#[    ]*line/#/' \
  -@@ -155,6 +157,8 @@
  -         $sed \
  -         -e '1d' \
  -         -e '/^#.*<stdin>/d' \
  -+                -e '/^#.*<built-in>/d' \
  -+                -e '/^#.*<command line>/d' \
  -         -e '/^#.*"-"/d' \
  -         -e 's#\.[0-9][0-9]*\.c#'"$file.c#" \
  -         -e 's/^[     ]*#[    ]*line/#/' \
  ---- hints/dec_osf.sh.orig    Fri Feb 23 03:57:55 2001
  -+++ hints/dec_osf.sh Wed Jun  5 16:34:54 2002
  -@@ -65,7 +65,7 @@
  -     # reset
  -     _DEC_cc_style=
  - case "`$cc -v 2>&1 | grep cc`" in
  --*gcc*)      _gcc_version=`$cc --version 2>&1 | tr . ' '`
  -+*gcc*)      _gcc_version=`$cc --version 2>&1 | head -1 | sed -e 's;^gcc (GCC) ;;' 
-e 's;^cc (GCC) ;;' | tr . ' '`
  -     set $_gcc_version
  -     if test "$1" -lt 2 -o \( "$1" -eq 2 -a \( "$2" -lt 95 -o \( "$2" -eq 95 -a 
"$3" -lt 2 \) \) \); then
  -         cat >&4 <<EOF
  ---- hints/freebsd.sh.orig    2002-08-26 16:57:58.000000000 +0200
  -+++ hints/freebsd.sh 2002-08-26 16:58:44.000000000 +0200
  -@@ -104,9 +104,10 @@
  +Index: hints/freebsd.sh
  +--- hints/freebsd.sh.orig    Wed Oct 15 22:26:16 2003
  ++++ hints/freebsd.sh Fri Nov 21 19:57:03 2003
  +@@ -117,9 +117,10 @@
    *)
            objformat=`/usr/bin/objformat`
            if [ x$objformat = xelf ]; then
  @@ -65,9 +15,38 @@
                lddlflags="-shared "
            else
                if [ -e /usr/lib/aout ]; then
  ---- perl.c.orig      2001-03-22 06:05:02.000000000 +0100
  -+++ perl.c   2003-09-03 14:40:14.000000000 +0200
  -@@ -3414,39 +3414,6 @@
  +Index: lib/CGI.pm
  +--- lib/CGI.pm.orig  Thu Jul 31 00:45:36 2003
  ++++ lib/CGI.pm       Fri Nov 21 19:57:03 2003
  +@@ -1498,8 +1498,11 @@
  +     $enctype = $enctype || &URL_ENCODED;
  +     unless (defined $action) {
  +        $action = $self->url(-absolute=>1,-path=>1);
  +-       $action .= "?$ENV{QUERY_STRING}" if $ENV{QUERY_STRING};
  ++       if (length($ENV{QUERY_STRING})>0) {
  ++           $action .= "?".$self->escapeHTML($ENV{QUERY_STRING},1);
  ++       }
  +     }
  ++    $action = escape($action);
  +     $action = qq(action="$action");
  +     my($other) = @other ? " @other" : '';
  +     $self->{'.parametersToAdd'}={};
  +Index: makedepend.SH
  +--- makedepend.SH.orig       Thu Jul 31 00:46:59 2003
  ++++ makedepend.SH    Fri Nov 21 19:57:03 2003
  +@@ -146,6 +146,8 @@
  +         $cppstdin $finc -I. $cppflags $cppminus <UU/$file.c |
  +         $sed \
  +                 -e '/^#.*<stdin>/d' \
  ++                -e '/^#.*<built-in>/d' \
  ++                -e '/^#.*<command line>/d' \
  +         -e '/^#.*"-"/d' \
  +         -e 's#\.[0-9][0-9]*\.c#'"$file.c#" \
  +         -e 's/^[     ]*#[    ]*line/#/' \
  +Index: perl.c
  +--- perl.c.orig      Thu Nov 13 22:14:56 2003
  ++++ perl.c   Fri Nov 21 19:57:03 2003
  +@@ -3421,39 +3421,6 @@
        incpush(APPLLIB_EXP, TRUE, TRUE);
    #endif
    
  @@ -107,10 +86,12 @@
    #ifdef SITEARCH_EXP
        /* sitearch is always relative to sitelib on Windows for
         * DLL-based path intuition to work correctly */
  -@@ -3487,6 +3454,39 @@
  -     incpush(PERL_VENDORLIB_STEM, FALSE, TRUE);
  - #endif
  +@@ -3492,6 +3459,39 @@
    
  + #ifdef PERL_VENDORLIB_STEM /* Search for version-specific dirs below here */
  +     incpush(PERL_VENDORLIB_STEM, FALSE, TRUE);
  ++#endif
  ++
   +#ifdef ARCHLIB_EXP
   +    incpush(ARCHLIB_EXP, FALSE, FALSE);
   +#endif
  @@ -142,13 +123,12 @@
   +    incpush(PRIVLIB_EXP, TRUE, FALSE);
   +#else
   +    incpush(PRIVLIB_EXP, FALSE, FALSE);
  -+#endif
  -+
  - #ifdef PERL_OTHERLIBDIRS
  -     incpush(PERL_OTHERLIBDIRS, TRUE, TRUE);
    #endif
  ---- installperl.orig 2001-03-20 18:40:22.000000000 +0100
  -+++ installperl      2003-09-03 14:41:38.000000000 +0200
  + 
  + #ifdef PERL_OTHERLIBDIRS
  +Index: installperl
  +--- installperl.orig Thu Jul 31 00:45:27 2003
  ++++ installperl      Fri Nov 21 19:57:03 2003
   @@ -129,6 +129,8 @@
    my $installarchlib = $Config{installarchlib};
    my $installsitelib = $Config{installsitelib};
  @@ -167,33 +147,3 @@
    
    if (chdir "lib") {
        $do_installarchlib = ! samepath($installarchlib, '.');
  -
  -http://stein.cshl.org/WWW/software/CGI/
  -    under "Revision History" find "Fixed cross-site scripting bug
  -    reported by obscure" note attached to Version 2.94. A quick fix was
  -    introduced in 2.94. It was replaced by a more careful patch in 2.99.
  -
  -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615
  -    Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm
  -    allows remote attackers to insert web script via a URL that is fed
  -    into the form's action parameter
  -
  -This is a backport of the 2.99 patch for 2.752 which is the version
  -embedded with perl 5.6.1
  -
  ---- lib/CGI.pm.orig  2001-03-03 20:53:20.000000000 +0100
  -+++ lib/CGI.pm       2003-10-02 15:18:00.000000000 +0200
  -@@ -1498,8 +1498,11 @@
  -     $enctype = $enctype || &URL_ENCODED;
  -     unless (defined $action) {
  -        $action = $self->url(-absolute=>1,-path=>1);
  --       $action .= "?$ENV{QUERY_STRING}" if $ENV{QUERY_STRING};
  -+       if (length($ENV{QUERY_STRING})>0) {
  -+           $action .= "?".$self->escapeHTML($ENV{QUERY_STRING},1);
  -+       }
  -     }
  -+    $action = escape($action);
  -     $action = qq(action="$action");
  -     my($other) = @other ? " @other" : '';
  -     $self->{'.parametersToAdd'}={};
  -
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/perl56/perl56.spec
  ============================================================================
  $ cvs diff -u -r1.8 -r1.9 perl56.spec
  --- openpkg-src/perl56/perl56.spec    2 Oct 2003 13:24:58 -0000       1.8
  +++ openpkg-src/perl56/perl56.spec    21 Nov 2003 19:07:56 -0000      1.9
  @@ -32,8 +32,8 @@
   Distribution: OpenPKG [EVAL]
   Group:        Language
   License:      GPL/Artistic
  -Version:      5.6.1
  -Release:      20031002
  +Version:      5.6.2
  +Release:      20031121
   
   #   list of sources
   Source0:      ftp://ftp.cpan.org/pub/CPAN/src/perl-%{version}.tar.gz
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.7490 -r1.7491 news.txt
  --- openpkg-web/news.txt      21 Nov 2003 19:03:31 -0000      1.7490
  +++ openpkg-web/news.txt      21 Nov 2003 19:07:55 -0000      1.7491
  @@ -1,3 +1,4 @@
  +21-Nov-2003: Upgraded package: P<perl56-5.6.2-20031121>
   21-Nov-2003: Upgraded package: P<doxygen-1.3.5-20031121>
   21-Nov-2003: Upgraded package: P<perl-gtk-20031121-20031121>
   21-Nov-2003: Upgraded package: P<openvpn-1.5.0-20031121>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to