From 8ba86dd30b2b4bfb47cad536d42b2a7d1b4e6a66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
Date: Tue, 14 Mar 2017 09:41:25 +0100
Subject: 3.38 bump
---
 .gitignore | 1 +
 ...-1238-avoid-loading-optional-modules-from.patch | 29 -----------------
 Test-Harness-3.38-Remove-shell-bangs.patch | 37 ++++++++++++++++++++++
 perl-Test-Harness.spec | 18 +++++------
 sources | 2 +-
 5 files changed, 48 insertions(+), 39 deletions(-)
 delete mode 100644 Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch
 create mode 100644 Test-Harness-3.38-Remove-shell-bangs.patch
diff --git a/.gitignore b/.gitignore
index c57314b..09d55cd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@
 /Test-Harness-3.34.tar.gz
 /Test-Harness-3.35.tar.gz
 /Test-Harness-3.36.tar.gz
+/Test-Harness-3.38.tar.gz
diff --git a/Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch b/Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch
deleted file mode 100644
index ba5a75d..0000000
--- a/Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 59697efbfe58a2a9c2cc2aba11eca2acb64b27a8 Mon Sep 17 00:00:00 2001
-From: Tony Cook <t...@develop-help.com>
-Date: Thu, 28 Jul 2016 14:18:12 +1000
-Subject: [PATCH] CVE-2016-1238: avoid loading optional modules from default .
-
-App::Prove (and hence prove) attempts to load plugins under both
-the App::Prove::Plugin namespace and under the base namespace.
-
-If a plugin is only available under the base namespace, and a user runs
-prove from a world-writable directory such as /tmp, an attacker can
-App/Prove/Plugin/PluginName.pm to run code as the user running prove.
----
- bin/prove | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/bin/prove b/bin/prove
-index 6637cc4..d71b238 100755
---- a/bin/prove
-+++ b/bin/prove
-@@ -1,5 +1,6 @@
- #!/usr/bin/perl -w
-
-+BEGIN { pop @INC if $INC[-1] eq '.' }
- use strict;
- use warnings;
- use App::Prove;
---
-2.1.4
-
diff --git a/Test-Harness-3.38-Remove-shell-bangs.patch b/Test-Harness-3.38-Remove-shell-bangs.patch
new file mode 100644
index 0000000..2e1f424
--- /dev/null
+++ b/Test-Harness-3.38-Remove-shell-bangs.patch
@@ -0,0 +1,37 @@
+From 6ea0e48ac56fc2c5e8600b5313f6c49b553c946b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com>
+Date: Tue, 14 Mar 2017 09:45:12 +0100
+Subject: [PATCH] Remove shell bangs
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Petr Písař <ppi...@redhat.com>
+---
+ examples/analyze_tests.pl | 2 --
+ examples/silent-harness.pl | 2 --
+ 2 files changed, 4 deletions(-)
+
+diff --git a/examples/analyze_tests.pl b/examples/analyze_tests.pl
+index c821f98..4076d9b 100644
+--- a/examples/analyze_tests.pl
++++ b/examples/analyze_tests.pl
+@@ -1,5 +1,3 @@
+-#!/usr/bin/env perl
+-
+ use strict;
+ use warnings;
+
+diff --git a/examples/silent-harness.pl b/examples/silent-harness.pl
+index ae0e50e..6e477ed 100644
+--- a/examples/silent-harness.pl
++++ b/examples/silent-harness.pl
+@@ -1,5 +1,3 @@
+-#!/usr/bin/perl
+-#
+ # Run some tests and get back a data structure describing them.
+
+ use strict;
+--
+2.7.4
+
diff --git a/perl-Test-Harness.spec b/perl-Test-Harness.spec
index 3da5ea9..3c67dd1 100644
--- a/perl-Test-Harness.spec
+++ b/perl-Test-Harness.spec
@@ -1,20 +1,18 @@
 Name: perl-Test-Harness
-Version: 3.36
-Release: 369%{?dist}
+Version: 3.38
+Release: 1%{?dist}
 Summary: Run Perl standard test scripts with statistics
 License: GPL+ or Artistic
 Group: Development/Libraries
 URL: http://search.cpan.org/dist/Test-Harness/
 Source0: http://www.cpan.org/authors/id/L/LE/LEONT/Test-Harness-%{version}.tar.gz
-# Avoid loading optional modules from default . (CVE-2016-1238)
-Patch0: Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch
+# Remove hard-coded shell bangs
+Patch0: Test-Harness-3.38-Remove-shell-bangs.patch
 BuildArch: noarch
-BuildRequires: coreutils
-BuildRequires: findutils
 BuildRequires: make
 BuildRequires: perl
 BuildRequires: perl-generators
-BuildRequires: perl(ExtUtils::MakeMaker)
+BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76
 BuildRequires: perl(strict)
 BuildRequires: perl(warnings)
 # Run-time:
@@ -72,12 +70,11 @@ writing new code consider using TAP::Harness directly instead.
 %patch0 -p1
 %build
-perl Makefile.PL INSTALLDIRS=vendor
+perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1
 make %{?_smp_mflags}
 %install
 make pure_install DESTDIR=$RPM_BUILD_ROOT
-find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
 %{_fixperms} $RPM_BUILD_ROOT/*
 %check
@@ -91,6 +88,9 @@ make test
 %{_mandir}/man3/*
 %changelog
+* Tue Mar 14 2017 Petr Pisar <ppi...@redhat.com> - 3.38-1
+- 3.38 bump
+
 * Sat Feb 11 2017 Fedora Release Engineering <rel...@fedoraproject.org> - 3.36-369
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
diff --git a/sources b/sources
index 9a60b74..e408079 100644
--- a/sources
+++ b/sources
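Review bot: `Patch0` stops carrying the CVE-2016-1238 fix in the first spec hunk, yet the new `%changelog` entry in the last hunk says only `- 3.38 bump`, so nothing in the package history records why the patch could be dropped. Presumably upstream 3.38 already contains the `BEGIN { pop @INC if $INC[-1] eq '.' }` guard in `bin/prove`, but that is not visible on this page and should be confirmed against the 3.38 tarball. I would add a changelog line such as `- Drop CVE-2016-1238 patch (guard present in upstream 3.38)` so that anyone auditing the CVE sees the fix was carried forward rather than lost. A `grep -q 'pop @INC' bin/prove` in `%check` before `make test` would fail the build if a later rebase ever loses the guard.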
@@ -1 +1 @@
-4c8d9c77e8e06ca96c7383c05c8f3616 Test-Harness-3.36.tar.gz
+SHA512 (Test-Harness-3.38.tar.gz) = 99db87cee4436105fd3fe7d6cbd2adbdfbe16bdf4589985040ce3ed2580bb773c39331f58b529dd43303eacf64336cd38fb2e31750a56496ef4bef96ee3bf40c
--
cgit v1.1
https://src.fedoraproject.org/cgit/perl-Test-Harness.git/commit/?h=master&id=8ba86dd30b2b4bfb47cad536d42b2a7d1b4e6a66
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org