Hello community,

here is the log from the commit of package perl-IO-Socket-SSL for 
openSUSE:Factory checked in at 2016-04-11 09:11:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL (Old)
 and      /work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "perl-IO-Socket-SSL"

Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-IO-Socket-SSL/perl-IO-Socket-SSL.changes    
2016-03-18 21:29:31.000000000 +0100
+++ 
/work/SRC/openSUSE:Factory/.perl-IO-Socket-SSL.new/perl-IO-Socket-SSL.changes   
    2016-04-11 09:11:35.000000000 +0200
@@ -1,0 +2,11 @@
+Wed Apr  6 09:46:47 UTC 2016 - [email protected]
+
+- updated to 2.025
+   see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
+
+  2.025 2016/04/04
+  - Resolved memleak if SSL_crl_file was used: RT#113257, RT#113530
+    Thanks to avi[DOT]maslati[AT]forescout[DOT]com and
+    mark[DOT]kurman[AT]gmail[DOT]com for reporting the problem
+
+-------------------------------------------------------------------

Old:
----
  IO-Socket-SSL-2.024.tar.gz

New:
----
  IO-Socket-SSL-2.025.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ perl-IO-Socket-SSL.spec ++++++
--- /var/tmp/diff_new_pack.y0I1HC/_old  2016-04-11 09:11:36.000000000 +0200
+++ /var/tmp/diff_new_pack.y0I1HC/_new  2016-04-11 09:11:36.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           perl-IO-Socket-SSL
-Version:        2.024
+Version:        2.025
 Release:        0
 %define cpan_name IO-Socket-SSL
 Summary:        Nearly transparent SSL encapsulation for IO::Socket::INET

++++++ IO-Socket-SSL-2.024.tar.gz -> IO-Socket-SSL-2.025.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/IO-Socket-SSL-2.024/Changes 
new/IO-Socket-SSL-2.025/Changes
--- old/IO-Socket-SSL-2.024/Changes     2016-02-06 20:34:22.000000000 +0100
+++ new/IO-Socket-SSL-2.025/Changes     2016-04-04 09:20:51.000000000 +0200
@@ -1,3 +1,7 @@
+2.025 2016/04/04
+- Resolved memleak if SSL_crl_file was used: RT#113257, RT#113530
+  Thanks to avi[DOT]maslati[AT]forescout[DOT]com and
+  mark[DOT]kurman[AT]gmail[DOT]com for reporting the problem
 2.024 2016/02/06
 - Work around issue where the connect fails on systems having only a loopback
   interface and where IO::Socket::IP is used as super class (default when
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/IO-Socket-SSL-2.024/META.json 
new/IO-Socket-SSL-2.025/META.json
--- old/IO-Socket-SSL-2.024/META.json   2016-02-06 20:36:49.000000000 +0100
+++ new/IO-Socket-SSL-2.025/META.json   2016-04-04 09:22:44.000000000 +0200
@@ -4,7 +4,7 @@
       "Steffen Ullrich <[email protected]>, Peter Behroozi, Marko Asplund"
    ],
    "dynamic_config" : 1,
-   "generated_by" : "ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter 
version 2.120630",
+   "generated_by" : "ExtUtils::MakeMaker version 6.66, CPAN::Meta::Converter 
version 2.120921",
    "license" : [
       "perl_5"
    ],
@@ -50,5 +50,5 @@
          "url" : "https://github.com/noxxi/p5-io-socket-ssl";
       }
    },
-   "version" : "2.024"
+   "version" : "2.025"
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/IO-Socket-SSL-2.024/META.yml 
new/IO-Socket-SSL-2.025/META.yml
--- old/IO-Socket-SSL-2.024/META.yml    2016-02-06 20:36:49.000000000 +0100
+++ new/IO-Socket-SSL-2.025/META.yml    2016-04-04 09:22:43.000000000 +0200
@@ -3,26 +3,26 @@
 author:
   - 'Steffen Ullrich <[email protected]>, Peter Behroozi, Marko Asplund'
 build_requires:
-  ExtUtils::MakeMaker: '0'
+  ExtUtils::MakeMaker: 0
 configure_requires:
-  ExtUtils::MakeMaker: '0'
+  ExtUtils::MakeMaker: 0
 dynamic_config: 1
-generated_by: 'ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 
2.120630'
+generated_by: 'ExtUtils::MakeMaker version 6.66, CPAN::Meta::Converter version 
2.120921'
 license: perl
 meta-spec:
   url: http://module-build.sourceforge.net/META-spec-v1.4.html
-  version: '1.4'
+  version: 1.4
 name: IO-Socket-SSL
 no_index:
   directory:
     - t
     - inc
 requires:
-  Net::SSLeay: '1.46'
-  Scalar::Util: '0'
+  Net::SSLeay: 1.46
+  Scalar::Util: 0
 resources:
   bugtracker: https://rt.cpan.org/Dist/Display.html?Queue=IO-Socket-SSL
   homepage: https://github.com/noxxi/p5-io-socket-ssl
   license: http://dev.perl.org/licenses/
   repository: https://github.com/noxxi/p5-io-socket-ssl
-version: '2.024'
+version: 2.025
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/IO-Socket-SSL-2.024/lib/IO/Socket/SSL.pm 
new/IO-Socket-SSL-2.025/lib/IO/Socket/SSL.pm
--- old/IO-Socket-SSL-2.024/lib/IO/Socket/SSL.pm        2016-02-06 
20:29:52.000000000 +0100
+++ new/IO-Socket-SSL-2.025/lib/IO/Socket/SSL.pm        2016-04-04 
09:18:18.000000000 +0200
@@ -13,7 +13,7 @@
 
 package IO::Socket::SSL;
 
-our $VERSION = '2.024';
+our $VERSION = '2.025';
 
 use IO::Socket;
 use Net::SSLeay 1.46;
@@ -2379,6 +2379,7 @@
            if ($arg_hash->{'SSL_crl_file'}) {
                my $bio = 
Net::SSLeay::BIO_new_file($arg_hash->{'SSL_crl_file'}, 'r');
                my $crl = Net::SSLeay::PEM_read_bio_X509_CRL($bio);
+               Net::SSLeay::BIO_free($bio);
                if ( $crl ) {
                    
Net::SSLeay::X509_STORE_add_crl(Net::SSLeay::CTX_get_cert_store($ctx), $crl);
                } else {
@@ -2876,6 +2877,7 @@
        };
        if (!($done = $cache->get($certid))) {
            push @{ $todo{$uri}{ids} }, $certid;
+           push @{ $todo{$uri}{subj} }, $subj;
        } elsif ( $done->{hard_error} ) {
            # one error is enough to fail validation
            $hard_error = $done->{hard_error};
@@ -2922,11 +2924,13 @@
 
     # do we have a response
     if (!$resp) {
-       @soft_error = "http request failed"
+       @soft_error = "http request for OCSP failed; subject: ".
+           join("; ",@{$todo->{subj}});
 
     # is it an valid OCSP_RESPONSE
     } elsif ( ! eval { $resp = Net::SSLeay::d2i_OCSP_RESPONSE($resp) }) {
-       @soft_error = "invalid response (no OCSP_RESPONSE)";
+       @soft_error = "invalid response (no OCSP_RESPONSE); subject: ".
+           join("; ",@{$todo->{subj}});
        # hopefully short-time error
        $self->{cache}->put($_,{
            soft_error => "@soft_error",
@@ -2938,7 +2942,8 @@
            != Net::SSLeay::OCSP_RESPONSE_STATUS_SUCCESSFUL()
     ){
        @soft_error = "OCSP response failed: ".
-           Net::SSLeay::OCSP_response_status_str($status);
+           Net::SSLeay::OCSP_response_status_str($status).
+           "; subject: ".join("; ",@{$todo->{subj}});
        # hopefully short-time error
        $self->{cache}->put($_,{
            soft_error => "@soft_error",
@@ -2957,7 +2962,8 @@
            while ( my $err = Net::SSLeay::ERR_get_error()) {
                push @soft_error, Net::SSLeay::ERR_error_string($err);
            }
-           @soft_error = 'failed to verify OCSP response' if ! @soft_error;
+           @soft_error = 'failed to verify OCSP response; subject: '.
+               join("; ",@{$todo->{subj}}) if ! @soft_error;
        }
        # configuration problem or we don't know the signer
        $self->{cache}->put($_,{
@@ -2978,7 +2984,8 @@
                } elsif ( $rv->[2]{statusType} ==
                    Net::SSLeay::V_OCSP_CERTSTATUS_GOOD()) {
                    # soft error, like response after nextUpdate
-                   push @soft_error,$rv->[1];
+                   push @soft_error,$rv->[1]."; subject: ".
+                       join("; ",@{$todo->{subj}});
                    $self->{cache}->put($rv->[0],{
                        %{$rv->[2]},
                        soft_error => "@soft_error",
@@ -2987,7 +2994,8 @@
                } else {
                    # hard error
                    $self->{cache}->put($rv->[0],$rv->[2]);
-                   push @hard_error, $rv->[1];
+                   push @hard_error, $rv->[1]."; subject: ".
+                       join("; ",@{$todo->{subj}});
                }
            } else {
                push @miss,$rv->[0];
@@ -3003,7 +3011,8 @@
            $DEBUG>=2 && DEBUG("$uri just answered ".@found." of 
".(@found+@miss)." requests");
        }
     } else {
-       @soft_error = "no data in response";
+       @soft_error = "no data in response; subject: ".
+           join("; ",@{$todo->{subj}});
        # probably configuration problem
        $self->{cache}->put($_,{
            soft_error => "@soft_error",


Reply via email to