Hello community,
here is the log from the commit of package apache2-mod_perl for
openSUSE:Factory checked in at 2013-06-28 11:46:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_perl (Old)
and /work/SRC/openSUSE:Factory/.apache2-mod_perl.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache2-mod_perl"
Changes:
--------
--- /work/SRC/openSUSE:Factory/apache2-mod_perl/apache2-mod_perl.changes
2013-04-08 14:25:31.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.apache2-mod_perl.new/apache2-mod_perl.changes
2013-06-28 11:46:50.000000000 +0200
@@ -1,0 +2,36 @@
+Tue Jun 25 08:53:37 UTC 2013 - co...@suse.com
+
+- update to version 2.0.8 (http24 branch as used by debian):
+
+ Perl 5.16.3's fix for a rehash-based DoS makes it more difficult to invoke
+ the workaround for the old hash collision attack, which breaks mod_perl's
+ t/perl/hash_attack.t. Patch from rt.cpan.org #83916 improves the fix
+ previously applied as revision 1455340. [Zefram]
+
+ On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has
+ disappeared. Patch to update mod_perl accordingly from rt.cpan.org #83921.
+ [Zefram]
+
+ Restore build with Perl 5.8.1, 5.8.2 etc: take care to use
+ $Config{useithreads} rather than $Config{usethreads}, and supply definitions
+ of Newx and Newxz as necessary. [Steve Hay]
+
+ On Perl 5.17.9, t/apache/read2.t fails because an "uninitialized value"
+ warning is generated for the buffer being autovivified. This is because
+ the sv_setpvn() that's meant to vivify the buffer doesn't perform set
+ magic; the warning is generated by the immediately following SvPV_force().
+ Patch to fix this from rt.cpan.org #83922. [Zefram]
+
+ Fix t/perl/hash_attack.t to work with Perl 5.14.4, 5.16.3 etc, which
+ contain a fix for CVE-2013-1667 (memory exhaustion with arbitrary hash
+ keys). This resolves rt.perl.org #116863, from where the patch was taken.
+ [Hugo van der Sanden]
+
+ use APR::Finfo instead of Perl's stat() in ModPerl::RegistryCooker to
+ generate HTTP code 404 even if the requested filename contains newlines
+ [Torsten]
+- disable patch lfs-perl-5.14.patch as it no longer applies, but
+ I can't find out if it's still need for ppc64 or if upstream's
+ changes are good enough
+
+-------------------------------------------------------------------
Old:
----
mod_perl-2.0.7+svn1448242.tar.gz
New:
----
libapache2-mod-perl2_2.0.8+httpd24-r1449661.orig.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apache2-mod_perl.spec ++++++
--- /var/tmp/diff_new_pack.ozAKxC/_old 2013-06-28 11:46:51.000000000 +0200
+++ /var/tmp/diff_new_pack.ozAKxC/_new 2013-06-28 11:46:51.000000000 +0200
@@ -52,15 +52,12 @@
Url: http://perl.apache.org/
Obsoletes: mod_perl_2
Conflicts: mod_perl
-Version: 2.0.7+svn1448242
+Version: 2.0.8
Release: 0
-Source0: http://perl.apache.org/dist/mod_perl-%{version}.tar.gz
+Source0:
http://ftp.de.debian.org/debian/pool/main/liba/libapache2-mod-perl2/libapache2-mod-perl2_2.0.8+httpd24-r1449661.orig.tar.gz
Patch: %{name}-2.0.4-tests.diff
+# PATCH-NEEDS-REBASE
Patch1: lfs-perl-5.14.patch
-#%define apache_test_version 1_99_15
-# cvs -d :pserver:anon...@cvs.apache.org:/home/cvspublic up -r
MODPERL_%{apache_test_version}
-#Source1: Apache-Test-%{apache_test_version}.tar.bz2
-#Url: http://perl.apache.org/
Icon: mod_perl.xpm
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -115,8 +112,8 @@
%prep
#%setup -q -n modperl-2.0 -a 1
-%setup -q -n mod_perl-%{version}
-%patch1 -p1
+%setup -q -n httpd24
+#%patch1 -p1
find -name ".svn" -type d | xargs rm -rfv
%build
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
