diff options
author | Michał Masłowski <mtjm@mtjm.eu> | 2013-03-19 11:22:26 +0100 |
---|---|---|
committer | Michał Masłowski <mtjm@mtjm.eu> | 2013-03-19 11:22:26 +0100 |
commit | 56bf63be7060f55d0048fc1f2e37526723bf0dc7 (patch) | |
tree | 5072df371092a3bfded8d6aadca1af5018523291 /core | |
parent | d697117f3e2c400f8a7cae7bbbbf27166edc277a (diff) | |
parent | b54c21859be3590a319ceade1f58d0b89ac5ef32 (diff) |
Merge branch 'master' of ssh://parabolagnulinux.org:1863/home/parabola/abslibre-pre-mips64el
Conflicts:
community/bitcoin/PKGBUILD
community/chmsee/PKGBUILD
community/projectm/PKGBUILD
extra/apache/PKGBUILD
extra/gv/PKGBUILD
extra/libdc1394/PKGBUILD
extra/libraw1394/PKGBUILD
extra/samba/PKGBUILD
extra/sg3_utils/PKGBUILD
extra/upower/PKGBUILD
extra/xf86-input-aiptek/PKGBUILD
extra/xf86-video-modesetting/PKGBUILD
extra/xorg-server/PKGBUILD
libre/rp-pppoe-libre/PKGBUILD
Diffstat (limited to 'core')
-rw-r--r-- | core/perl/CVE-2013-1667.patch | 50 | ||||
-rw-r--r-- | core/perl/PKGBUILD | 11 | ||||
-rw-r--r-- | core/perl/digest_eval_hole.diff | 61 | ||||
-rw-r--r-- | core/perl/fix-h2ph-and-tests.patch | 104 |
4 files changed, 4 insertions, 222 deletions
diff --git a/core/perl/CVE-2013-1667.patch b/core/perl/CVE-2013-1667.patch deleted file mode 100644 index 8a8f98d32..000000000 --- a/core/perl/CVE-2013-1667.patch +++ /dev/null @@ -1,50 +0,0 @@ -commit 9ec0b001b87d32f1d39b038b72846a5c20417be3 (refs/remotes/origin/maint-5.16) -Author: Andy Dougherty <doughera@lafayette.edu> -Date: Wed Jan 16 12:30:43 2013 -0500 - - Avoid wraparound when casting unsigned size_t to signed ssize_t. - - Practically, this only affects a perl compiled with 64-bit IVs on a 32-bit - system. In that instance a value of count >= 2**31 would turn negative - when cast to (ssize_t). - -diff --git a/perlio.c b/perlio.c -index 7782728..cccfdcd 100644 ---- a/perlio.c -+++ b/perlio.c -@@ -2164,7 +2164,7 @@ PerlIOBase_read(pTHX_ PerlIO *f, void *vbuf, Size_t count) - SSize_t avail = PerlIO_get_cnt(f); - SSize_t take = 0; - if (avail > 0) -- take = ((SSize_t)count < avail) ? (SSize_t)count : avail; -+ take = (((SSize_t) count >= 0) && ((SSize_t)count < avail)) ? (SSize_t)count : avail; - if (take > 0) { - STDCHAR *ptr = PerlIO_get_ptr(f); - Copy(ptr, buf, take, STDCHAR); -@@ -4098,7 +4098,7 @@ PerlIOBuf_unread(pTHX_ PerlIO *f, const void *vbuf, Size_t count) - */ - b->posn -= b->bufsiz; - } -- if (avail > (SSize_t) count) { -+ if ((SSize_t) count >= 0 && avail > (SSize_t) count) { - /* - * If we have space for more than count, just move count - */ -@@ -4148,7 +4148,7 @@ PerlIOBuf_write(pTHX_ PerlIO *f, const void *vbuf, Size_t count) - } - while (count > 0) { - SSize_t avail = b->bufsiz - (b->ptr - b->buf); -- if ((SSize_t) count < avail) -+ if ((SSize_t) count >= 0 && (SSize_t) count < avail) - avail = count; - if (flushptr > buf && flushptr <= buf + avail) - avail = flushptr - buf; -@@ -4423,7 +4423,7 @@ PerlIOPending_read(pTHX_ PerlIO *f, void *vbuf, Size_t count) - { - SSize_t avail = PerlIO_get_cnt(f); - SSize_t got = 0; -- if ((SSize_t)count < avail) -+ if ((SSize_t) count >= 0 && (SSize_t)count < avail) - avail = count; - if (avail > 0) - got = PerlIOBuf_read(aTHX_ f, vbuf, avail); diff --git a/core/perl/PKGBUILD b/core/perl/PKGBUILD index c56ed15d6..6c5229c31 100644 --- a/core/perl/PKGBUILD +++ b/core/perl/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 179840 2013-03-10 11:43:57Z bluewind $ +# $Id: PKGBUILD 180140 2013-03-18 08:31:17Z bluewind $ # Maintainer: Florian Pritz <bluewind@xinu.at> # Contributor: Angel Velasquez <angvp@archlinux.org> # Contributor: kevin <kevin.archlinux.org> @@ -6,8 +6,8 @@ # Contributor: francois <francois.archlinux.org> pkgname=perl -pkgver=5.16.2 -pkgrel=4 +pkgver=5.16.3 +pkgrel=1 pkgdesc="A highly capable, feature-rich programming language" arch=(i686 x86_64 'mips64el') license=('GPL' 'PerlArtistic') @@ -16,15 +16,13 @@ groups=('base') depends=('gdbm' 'db' 'coreutils' 'glibc' 'sh') source=(http://www.cpan.org/src/5.0/perl-${pkgver}.tar.bz2 cgi-cr-escaping.diff - CVE-2013-1667.patch perlbin.sh perlbin.csh provides.pl) install=perl.install options=('makeflags' '!purge') -md5sums=('2818ab01672f005a4e552a713aa27b08' +md5sums=('025102de0e4a597cf541e57da80c6aa3' '0486659c9eefe682364a3e364d814296' - '3725d479a42547c6bae33b793b948054' '5ed2542fdb9a60682f215bd33701e61a' '1f0cbbee783e8a6d32f01be5118e0d5e' '999c3eea6464860704abbb055a0f0896') @@ -37,7 +35,6 @@ build() { cd ${srcdir}/${pkgname}-${pkgver} patch -i "$srcdir/cgi-cr-escaping.diff" -p1 - patch -i "$srcdir/CVE-2013-1667.patch" -p1 if [ "${CARCH}" != "i686" ]; then arch_opts="-Dcccdlflags='-fPIC'" diff --git a/core/perl/digest_eval_hole.diff b/core/perl/digest_eval_hole.diff deleted file mode 100644 index 47904137b..000000000 --- a/core/perl/digest_eval_hole.diff +++ /dev/null @@ -1,61 +0,0 @@ -From 4b6a7324284e7435a361c58f7ddb32fc0c635bd0 Mon Sep 17 00:00:00 2001 -From: "Michael G. Schwern" <schwern@pobox.com> -Date: Mon, 3 Oct 2011 19:05:29 +0100 -Subject: Close the eval "require $module" security hole in - Digest->new($algorithm) - -Also the filter was incomplete. - -Bug-Debian: http://bugs.debian.org/644108 - -Patch-Name: fixes/digest_eval_hole.diff ---- - cpan/Digest/Digest.pm | 6 ++++-- - cpan/Digest/t/security.t | 14 ++++++++++++++ - 2 files changed, 18 insertions(+), 2 deletions(-) - create mode 100644 cpan/Digest/t/security.t - -diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm -index 384dfc8..d714434 100644 ---- a/cpan/Digest/Digest.pm -+++ b/cpan/Digest/Digest.pm -@@ -24,7 +24,7 @@ sub new - shift; # class ignored - my $algorithm = shift; - my $impl = $MMAP{$algorithm} || do { -- $algorithm =~ s/\W+//; -+ $algorithm =~ s/\W+//g; - "Digest::$algorithm"; - }; - $impl = [$impl] unless ref($impl); -@@ -35,7 +35,9 @@ sub new - ($class, @args) = @$class if ref($class); - no strict 'refs'; - unless (exists ${"$class\::"}{"VERSION"}) { -- eval "require $class"; -+ my $pm_file = $class . ".pm"; -+ $pm_file =~ s{::}{/}g; -+ eval { require $pm_file }; - if ($@) { - $err ||= $@; - next; -diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t -new file mode 100644 -index 0000000..5cba122 ---- /dev/null -+++ b/cpan/Digest/t/security.t -@@ -0,0 +1,14 @@ -+#!/usr/bin/env perl -+ -+# Digest->new() had an exploitable eval -+ -+use strict; -+use warnings; -+ -+use Test::More tests => 1; -+ -+use Digest; -+ -+$LOL::PWNED = 0; -+eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) }; -+is $LOL::PWNED, 0; diff --git a/core/perl/fix-h2ph-and-tests.patch b/core/perl/fix-h2ph-and-tests.patch deleted file mode 100644 index a2d176ec6..000000000 --- a/core/perl/fix-h2ph-and-tests.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 8d66b3f930dc6d88b524d103e304308ae73a46e7 Mon Sep 17 00:00:00 2001 -From: Robin Barker <rmbarker@cpan.org> -Date: Thu, 22 Apr 2010 11:51:20 +0100 -Subject: [PATCH 1/1] Fix h2ph and test - ---- - lib/h2ph.t | 12 ++++++++++-- - utils/h2ph.PL | 28 +++++++++++++++++++++++----- - 2 files changed, 33 insertions(+), 7 deletions(-) - -diff --git a/lib/h2ph.t b/lib/h2ph.t -index 27dd7b9..8d62d46 100644 ---- a/lib/h2ph.t -+++ b/lib/h2ph.t -@@ -18,7 +18,7 @@ if (!(-e $extracted_program)) { - exit 0; - } - --plan(4); -+plan(5); - - # quickly compare two text files - sub txt_compare { -@@ -41,8 +41,16 @@ $result = runperl( progfile => 'lib/h2ph.pht', - stderr => 1 ); - like( $result, qr/syntax OK$/, "output compiles"); - -+$result = runperl( progfile => '_h2ph_pre.ph', -+ switches => ['-c'], -+ stderr => 1 ); -+like( $result, qr/syntax OK$/, "preamble compiles"); -+ - $result = runperl( switches => ["-w"], -- prog => '$SIG{__WARN__} = sub { die $_[0] }; require q(lib/h2ph.pht);'); -+ stderr => 1, -+ prog => <<'PROG' ); -+$SIG{__WARN__} = sub { die $_[0] }; require q(lib/h2ph.pht); -+PROG - is( $result, '', "output free of warnings" ); - - # cleanup -diff --git a/utils/h2ph.PL b/utils/h2ph.PL -index 8f56db4..1255807 100644 ---- a/utils/h2ph.PL -+++ b/utils/h2ph.PL -@@ -401,7 +401,10 @@ if ($opt_e && (scalar(keys %bad_file) > 0)) { - exit $Exit; - - sub expr { -- $new = '"(assembly code)"' and return if /\b__asm__\b/; # freak out. -+ if (/\b__asm__\b/) { # freak out -+ $new = '"(assembly code)"'; -+ return -+ } - my $joined_args; - if(keys(%curargs)) { - $joined_args = join('|', keys(%curargs)); -@@ -770,7 +773,7 @@ sub inc_dirs - sub build_preamble_if_necessary - { - # Increment $VERSION every time this function is modified: -- my $VERSION = 2; -+ my $VERSION = 3; - my $preamble = "$Dest_dir/_h2ph_pre.ph"; - - # Can we skip building the preamble file? -@@ -798,7 +801,16 @@ sub build_preamble_if_necessary - # parenthesized value: d=(v) - $define{$_} = $1; - } -- if ($define{$_} =~ /^([+-]?(\d+)?\.\d+([eE][+-]?\d+)?)[FL]?$/) { -+ if (/^(\w+)\((\w)\)$/) { -+ my($macro, $arg) = ($1, $2); -+ my $def = $define{$_}; -+ $def =~ s/$arg/\$\{$arg\}/g; -+ print PREAMBLE <<DEFINE; -+unless (defined &$macro) { sub $macro(\$) { my (\$$arg) = \@_; \"$def\" } } -+ -+DEFINE -+ } elsif -+ ($define{$_} =~ /^([+-]?(\d+)?\.\d+([eE][+-]?\d+)?)[FL]?$/) { - # float: - print PREAMBLE - "unless (defined &$_) { sub $_() { $1 } }\n\n"; -@@ -807,8 +819,14 @@ sub build_preamble_if_necessary - print PREAMBLE - "unless (defined &$_) { sub $_() { $1 } }\n\n"; - } elsif ($define{$_} =~ /^\w+$/) { -- print PREAMBLE -- "unless (defined &$_) { sub $_() { &$define{$_} } }\n\n"; -+ my $def = $define{$_}; -+ if ($isatype{$def}) { -+ print PREAMBLE -+ "unless (defined &$_) { sub $_() { \"$def\" } }\n\n"; -+ } else { -+ print PREAMBLE -+ "unless (defined &$_) { sub $_() { &$def } }\n\n"; -+ } - } else { - print PREAMBLE - "unless (defined &$_) { sub $_() { \"", --- -1.6.5.2.74.g610f9.dirty - |