commit perl for openSUSE:11.4

Tue, 22 Nov 2011 06:49:58 -0800 

Hello community,

here is the log from the commit of package perl for openSUSE:11.4
checked in at Tue Nov 22 15:49:55 CET 2011.



--------
--- old-versions/11.4/UPDATES/all/perl/perl.changes     2011-05-03 
18:18:17.000000000 +0200
+++ 11.4/perl/perl.changes      2011-11-21 18:28:04.000000000 +0100
@@ -1,0 +2,5 @@
+Mon Nov 21 18:25:02 CET 2011 - m...@suse.de
+
+- fix heap overflow bug in Unicode.xs [bnc#728662] [CVE-2011-2939]
+
+-------------------------------------------------------------------

calling whatdependson for 11.4-i586


New:
----
  perl-decode_xs.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ perl.spec ++++++
--- /var/tmp/diff_new_pack.4Cd6yI/_old  2011-11-22 15:48:38.000000000 +0100
+++ /var/tmp/diff_new_pack.4Cd6yI/_new  2011-11-22 15:48:38.000000000 +0100
@@ -21,7 +21,7 @@
 Name:           perl
 Summary:        The Perl interpreter
 Version:        5.12.3
-Release:        11.<RELEASE16>
+Release:        11.<RELEASE18>
 %define pversion 5.12.3
 License:        Artistic License .. ; GPLv2+
 Group:          Development/Languages/Perl
@@ -43,6 +43,7 @@
 Patch9:         perl-HiRes.t-timeout.diff
 Patch10:        perl-lcuctaint.diff
 Patch11:        perl-saverecontext.diff
+Patch12:        perl-decode_xs.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         perl-base = %version
 #PreReq:         %fillup_prereq
@@ -144,6 +145,7 @@
 %patch9 -p1
 %patch10
 %patch11
+%patch12
 
 %build
 cp -a lib savelib

++++++ perl-decode_xs.diff ++++++
--- ./cpan/Encode/Unicode/Unicode.xs.orig       2011-11-21 17:10:28.000000000 
+0000
+++ ./cpan/Encode/Unicode/Unicode.xs    2011-11-21 17:11:35.000000000 +0000
@@ -246,7 +246,8 @@ CODE:
               This prevents allocating too much in the rogue case of a large
               input consisting initially of long sequence uft8-byte unicode
               chars followed by single utf8-byte chars. */
-           STRLEN remaining = (e - s)/usize;
+           /* +1 fixes Unicode.xs!decode_xs n-byte heap-overflow */
+           STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */
            STRLEN max_alloc = remaining + (8*1024*1024);
            STRLEN est_alloc = remaining * UTF8_MAXLEN;
            STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */
continue with "q"...



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to