aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-01-17 15:11:09 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-01-17 15:12:05 +0000
commit35e0f3007d2d9dfccce1e2bcd5867272e3c23347 (patch)
tree64d457bdb54ade5a13df7f734ae7ca99f0b16494
parent8c814a95fd7906f50766a235a472cdc2abdc5981 (diff)
downloadaports-35e0f3007d2d9dfccce1e2bcd5867272e3c23347.tar.gz
aports-35e0f3007d2d9dfccce1e2bcd5867272e3c23347.tar.bz2
aports-35e0f3007d2d9dfccce1e2bcd5867272e3c23347.tar.xz
main/perl: security upgrade to 5.12.5 (CVE-2012-5195)
fixes #1558
-rw-r--r--main/perl/APKBUILD6
-rw-r--r--main/perl/CVE-2011-2939.patch16
2 files changed, 2 insertions, 20 deletions
diff --git a/main/perl/APKBUILD b/main/perl/APKBUILD
index 88f8a0b100..9502766970 100644
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
@@ -1,13 +1,12 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
# Contributor: Leonardo Arena <rnalrd@gmail.com>
pkgname=perl
-pkgver=5.12.4
+pkgver=5.12.5
pkgrel=0
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url=http://www.perl.org
license="Artistic GPL-2"
source="http://www.perl.com/CPAN/src/perl-${pkgver}.tar.gz
- CVE-2011-2939.patch
CVE-2011-3597.patch
"
@@ -71,6 +70,5 @@ miniperl() {
cp "$srcdir/perl-$pkgver"/miniperl "$subpkgdir/usr/bin"
}
-md5sums="fd22aba88e4e27ab879f142eec6452a0 perl-5.12.4.tar.gz
-c0674ead60e89c20e2c8d9bbc2d7683a CVE-2011-2939.patch
+md5sums="3a647533aaa060a79aa0b9fa17198576 perl-5.12.5.tar.gz
0212067da7d533fe3939c0984cad4243 CVE-2011-3597.patch"
diff --git a/main/perl/CVE-2011-2939.patch b/main/perl/CVE-2011-2939.patch
deleted file mode 100644
index 7b5068d473..0000000000
--- a/main/perl/CVE-2011-2939.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff --git a/cpan/Encode/Unicode/Unicode.xs b/cpan/Encode/Unicode/Unicode.xs
-index 16f4cd1..039f155 100644
---- a/cpan/Encode/Unicode/Unicode.xs
-+++ b/cpan/Encode/Unicode/Unicode.xs
-@@ -256,7 +256,10 @@ CODE:
- This prevents allocating too much in the rogue case of a large
- input consisting initially of long sequence uft8-byte unicode
- chars followed by single utf8-byte chars. */
-- STRLEN remaining = (e - s)/usize;
-+ /* +1
-+ fixes Unicode.xs!decode_xs n-byte heap-overflow
-+ */
-+ STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */
- STRLEN max_alloc = remaining + (8*1024*1024);
- STRLEN est_alloc = remaining * UTF8_MAXLEN;
- STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */