Hello community, here is the log from the commit of package perl for openSUSE:11.4 checked in at Tue Nov 22 15:49:55 CET 2011.
-------- --- old-versions/11.4/UPDATES/all/perl/perl.changes 2011-05-03 18:18:17.000000000 +0200 +++ 11.4/perl/perl.changes 2011-11-21 18:28:04.000000000 +0100 @@ -1,0 +2,5 @@ +Mon Nov 21 18:25:02 CET 2011 - m...@suse.de + +- fix heap overflow bug in Unicode.xs [bnc#728662] [CVE-2011-2939] + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 New: ---- perl-decode_xs.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl.spec ++++++ --- /var/tmp/diff_new_pack.4Cd6yI/_old 2011-11-22 15:48:38.000000000 +0100 +++ /var/tmp/diff_new_pack.4Cd6yI/_new 2011-11-22 15:48:38.000000000 +0100 @@ -21,7 +21,7 @@ Name: perl Summary: The Perl interpreter Version: 5.12.3 -Release: 11.<RELEASE16> +Release: 11.<RELEASE18> %define pversion 5.12.3 License: Artistic License .. ; GPLv2+ Group: Development/Languages/Perl @@ -43,6 +43,7 @@ Patch9: perl-HiRes.t-timeout.diff Patch10: perl-lcuctaint.diff Patch11: perl-saverecontext.diff +Patch12: perl-decode_xs.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: perl-base = %version #PreReq: %fillup_prereq @@ -144,6 +145,7 @@ %patch9 -p1 %patch10 %patch11 +%patch12 %build cp -a lib savelib ++++++ perl-decode_xs.diff ++++++ --- ./cpan/Encode/Unicode/Unicode.xs.orig 2011-11-21 17:10:28.000000000 +0000 +++ ./cpan/Encode/Unicode/Unicode.xs 2011-11-21 17:11:35.000000000 +0000 
@@ -246,7 +246,8 @@ CODE: This prevents allocating too much in the rogue case of a large input consisting initially of long sequence uft8-byte unicode chars followed by single utf8-byte chars. */ - STRLEN remaining = (e - s)/usize; + /* +1 fixes Unicode.xs!decode_xs n-byte heap-overflow */ + STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */ STRLEN max_alloc = remaining + (8*1024*1024); STRLEN est_alloc = remaining * UTF8_MAXLEN; STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */ continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
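Review bot: the new `Patch12: perl-decode_xs.diff` line in the perl.spec hunk carries no comment saying what the patch fixes, and the `%patch12` line that applies it is equally silent; the changes entry already has the references, so repeat them next to the Patch12 tag in the usual openSUSE `# PATCH-FIX-...` form, naming bnc#728662 and CVE-2011-2939 and the Unicode.xs decode_xs heap overflow, so the reason for the patch is visible when reading the spec alone.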
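Review bot: the two comments added in the Unicode.xs hunk disagree about what the `+1` is for: the line above says it fixes an n-byte heap overflow, while the trailing `/* +1 to avoid the leak */` calls it a leak, which is a different defect. Since `(e - s)/usize` is integer division, it truncates whenever the remaining input is not a whole number of `usize` code units, and every size derived from `remaining` in the lines below (`max_alloc`, `est_alloc`, `newlen`) then comes out short; suggest replacing both comments with one that states that rounding-up rationale and cites CVE-2011-2939, and dropping the "leak" wording.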