Author: ken Date: 2011-11-17 17:40:17 -0700 (Thu, 17 Nov 2011) New Revision: 2333
Added: trunk/perl/perl-5.14.2-security_fixes-1.patch Removed: trunk/perl/perl-5.14.2-security_fixes.patch Log: Correct the name and header of this patch to meet LFS standards. Copied: trunk/perl/perl-5.14.2-security_fixes-1.patch (from rev 2329, trunk/perl/perl-5.14.2-security_fixes.patch) =================================================================== --- trunk/perl/perl-5.14.2-security_fixes-1.patch (rev 0) +++ trunk/perl/perl-5.14.2-security_fixes-1.patch 2011-11-18 00:40:17 UTC (rev 2333) @@ -0,0 +1,35 @@ +Submitted By: Ken Moffat <ken at linuxfromscratch dot org> +Date: 2011-11-16 +Initial Package Version: 5.14.2 (applies to earleir as well) +Upstream Status: Applied +Origin: Fedora +Description: Fixes CVE-2011-3597 + +From dbcab24bb98b4a243c8330bc7017c2080832b3f9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]> +Date: Tue, 4 Oct 2011 13:46:39 +0200 +Subject: [PATCH] Fix code injection in Digest + +See <https://bugzilla.redhat.com/show_bug.cgi?id=743010> for more details. +--- + cpan/Digest/Digest.pm | 4 +++- + 1 files changed, 3 insertions(+), 1 deletions(-) + +diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm +index 384dfc8..4b923ae 100644 +--- a/cpan/Digest/Digest.pm ++++ b/cpan/Digest/Digest.pm +@@ -35,7 +35,9 @@ sub new + ($class, @args) = @$class if ref($class); + no strict 'refs'; + unless (exists ${"$class\::"}{"VERSION"}) { +- eval "require $class"; ++ my $pm_file = $class . ".pm"; ++ $pm_file =~ s{::}{/}g; ++ eval { require $pm_file }; + if ($@) { + $err ||= $@; + next; +-- +1.7.6.4 + Deleted: trunk/perl/perl-5.14.2-security_fixes.patch =================================================================== --- trunk/perl/perl-5.14.2-security_fixes.patch 2011-11-17 04:18:58 UTC (rev 2332) +++ trunk/perl/perl-5.14.2-security_fixes.patch 2011-11-18 00:40:17 UTC (rev 2333) @@ -1,28 +0,0 @@ -From dbcab24bb98b4a243c8330bc7017c2080832b3f9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]> -Date: Tue, 4 Oct 2011 13:46:39 +0200 -Subject: [PATCH] Fix code injection in Digest - -See <https://bugzilla.redhat.com/show_bug.cgi?id=743010> for more details. ---- - cpan/Digest/Digest.pm | 4 +++- - 1 files changed, 3 insertions(+), 1 deletions(-) - -diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm -index 384dfc8..4b923ae 100644 ---- a/cpan/Digest/Digest.pm -+++ b/cpan/Digest/Digest.pm -@@ -35,7 +35,9 @@ sub new - ($class, @args) = @$class if ref($class); - no strict 'refs'; - unless (exists ${"$class\::"}{"VERSION"}) { -- eval "require $class"; -+ my $pm_file = $class . ".pm"; -+ $pm_file =~ s{::}{/}g; -+ eval { require $pm_file }; - if ($@) { - $err ||= $@; - next; --- -1.7.6.4 - -- http://linuxfromscratch.org/mailman/listinfo/patches FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
