diff options
-rw-r--r-- | abs/core/perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch | 83 | ||||
-rw-r--r-- | abs/core/perl/ChangeLog | 66 | ||||
-rw-r--r-- | abs/core/perl/PKGBUILD | 46 | ||||
-rw-r--r-- | abs/core/perl/digest_eval_hole.diff | 61 | ||||
-rw-r--r-- | abs/core/perl/fix-h2ph-and-tests.patch | 104 | ||||
-rwxr-xr-x[-rw-r--r--] | abs/core/perl/perlbin.sh | 0 |
6 files changed, 335 insertions, 25 deletions
diff --git a/abs/core/perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch b/abs/core/perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch new file mode 100644 index 0000000..1404460 --- /dev/null +++ b/abs/core/perl/0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch @@ -0,0 +1,83 @@ +From bb249b0b26c2e79a6f55355ef94889070f07fd21 Mon Sep 17 00:00:00 2001 +From: Niko Tyni <ntyni@debian.org> +Date: Thu, 28 Apr 2011 09:18:54 +0300 +Subject: [PATCH] Append CFLAGS and LDFLAGS to their Config.pm counterparts in + EU::CBuilder + +Since ExtUtils::CBuilder 0.27_04 (bleadperl commit 06e8058f27e4), +CFLAGS and LDFLAGS from the environment have overridden the Config.pm +ccflags and ldflags settings. This can cause binary incompatibilities +between the core Perl and extensions built with EU::CBuilder. + +Append to the Config.pm values rather than overriding them. +--- + .../lib/ExtUtils/CBuilder/Base.pm | 6 +++- + dist/ExtUtils-CBuilder/t/04-base.t | 25 +++++++++++++++++++- + 2 files changed, 28 insertions(+), 3 deletions(-) + +diff --git a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm +index b572312..2255c51 100644 +--- a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm ++++ b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Base.pm +@@ -40,11 +40,13 @@ sub new { + $self->{config}{$k} = $v unless exists $self->{config}{$k}; + } + $self->{config}{cc} = $ENV{CC} if defined $ENV{CC}; +- $self->{config}{ccflags} = $ENV{CFLAGS} if defined $ENV{CFLAGS}; ++ $self->{config}{ccflags} = join(" ", $self->{config}{ccflags}, $ENV{CFLAGS}) ++ if defined $ENV{CFLAGS}; + $self->{config}{cxx} = $ENV{CXX} if defined $ENV{CXX}; + $self->{config}{cxxflags} = $ENV{CXXFLAGS} if defined $ENV{CXXFLAGS}; + $self->{config}{ld} = $ENV{LD} if defined $ENV{LD}; +- $self->{config}{ldflags} = $ENV{LDFLAGS} if defined $ENV{LDFLAGS}; ++ $self->{config}{ldflags} = join(" ", $self->{config}{ldflags}, $ENV{LDFLAGS}) ++ if defined $ENV{LDFLAGS}; + + unless ( exists $self->{config}{cxx} ) { + my ($ccpath, $ccbase, $ccsfx ) = fileparse($self->{config}{cc}, qr/\.[^.]*/); +diff --git a/dist/ExtUtils-CBuilder/t/04-base.t b/dist/ExtUtils-CBuilder/t/04-base.t +index c3bf6b5..1bb15aa 100644 +--- a/dist/ExtUtils-CBuilder/t/04-base.t ++++ b/dist/ExtUtils-CBuilder/t/04-base.t +@@ -1,7 +1,7 @@ + #! perl -w + + use strict; +-use Test::More tests => 50; ++use Test::More tests => 64; + use Config; + use Cwd; + use File::Path qw( mkpath ); +@@ -326,6 +326,29 @@ is_deeply( $mksymlists_args, + "_prepare_mksymlists_args(): got expected arguments for Mksymlists", + ); + ++my %testvars = ( ++ CFLAGS => 'ccflags', ++ LDFLAGS => 'ldflags', ++); ++ ++while (my ($VAR, $var) = each %testvars) { ++ local $ENV{$VAR}; ++ $base = ExtUtils::CBuilder::Base->new( quiet => 1 ); ++ ok( $base, "ExtUtils::CBuilder::Base->new() returned true value" ); ++ isa_ok( $base, 'ExtUtils::CBuilder::Base' ); ++ like($base->{config}{$var}, qr/\Q$Config{$var}/, ++ "honours $var from Config.pm"); ++ ++ $ENV{$VAR} = "-foo -bar"; ++ $base = ExtUtils::CBuilder::Base->new( quiet => 1 ); ++ ok( $base, "ExtUtils::CBuilder::Base->new() returned true value" ); ++ isa_ok( $base, 'ExtUtils::CBuilder::Base' ); ++ like($base->{config}{$var}, qr/\Q$ENV{$VAR}/, ++ "honours $VAR from the environment"); ++ like($base->{config}{$var}, qr/\Q$Config{$var}/, ++ "doesn't override $var from Config.pm with $VAR from the environment"); ++} ++ + ##### + + for ($source_file, $object_file, $lib_file) { +-- +1.7.4.4 + diff --git a/abs/core/perl/ChangeLog b/abs/core/perl/ChangeLog new file mode 100644 index 0000000..9add39e --- /dev/null +++ b/abs/core/perl/ChangeLog @@ -0,0 +1,66 @@ +2011-06-22 Angel Velasquez <angvp@archlinux.org> + * Added a patch for ExtUtils doesnt overwrite CFLAGS and LDFLAGS + * Fixed #FS22197, FS#22441, FS#24767 + * Rebuilt perl 5.14.1-2 against db 5.2.28 + +2011-06-16 Angel Velasquez <angvp@archlinux.org> + * Fixed #FS24660 + * Rebuilt against db 5.2.28 + +2011-05-16 Angel Velasquez <angvp@archlinux.org> + * perl 5.14.0 + * Removed patch for h2ph warning from 5.12.3 + * Removed provides array, you can use corelist -v 5.14.0 to know the + modules included with the perl core, through Module::CoreList (thx j3nnn1 + for the tip) + +2010-11-07 kevin <kevin@archlinux.org> + + * perl 5.12.2-1 + - Using /usr/bin/*_perl for script directories + +2010-11-06 kevin <kevin@archlinux.org> + + - Removed otherlibdirs directive from Configure + - Removed /usr/*/perl5/site_perl/5.10.1 from INC + - Finally removed legacy dirs /usr/lib/perl5/current and + /usr/lib/perl5/site_perl/current from @INC + +2010-05-23 kevin <kevin@archlinux.org> + + * perl 5.12.1-2 + - Francois updated the provides array. + +2010-05-23 kevin <kevin@archlinux.org> + + * perl 5.12.1-1 + +2010-05-16 kevin <kevin@archlinux.org> + + * perl 5.12.0-2 + +2010-05-12 kevin <kevin@archlinux.org> + + - FS#19411. Removed the for loop in perlbin.sh which didn't work on zsh. + This makes the loop variables unnecessary so the script no longer + pollutes the user's environment. + - FS#19427. Added /usr/*/perl5/site_perl/5.10.1 to otherlibdirs to support + user built modules. + +2010-05-09 kevin <kevin@archlinux.org> + + * perl 5.12.0-1 + - Modified perlbin.sh to only add existing dirs to PATH. Fixes FS#17402, + path points to non-existant directories + +2010-05-07 kevin <kevin@archlinux.org> + + - Added this changelog. + - Added -Dinc_version_list=none to fix FS#19136, double entry in @INC. + This removes the duplicates and versioned directory entries. + - Change scriptdirs to /usr/lib/perl5/{core,vendor,site}_perl/bin to fix + Fix FS#13808, binaries don't follow FHS. + - Stopped using versioned directories in sitelib and sitearch. + + +# vim: set ft=changelog ts=4 sw=4 et: diff --git a/abs/core/perl/PKGBUILD b/abs/core/perl/PKGBUILD index 0dd8177..58b94e7 100644 --- a/abs/core/perl/PKGBUILD +++ b/abs/core/perl/PKGBUILD @@ -1,26 +1,25 @@ -# $Id$ -# Maintainer: Florian Pritz <bluewind@xinu.at> -# Contributor: Angel Velasquez <angvp@archlinux.org> +# $Id: PKGBUILD 160587 2012-06-02 10:54:59Z bluewind $ +# Maintainer: Angel Velasquez <angvp@archlinux.org> # Contributor: kevin <kevin.archlinux.org> # Contributor: judd <jvinet.zeroflux.org> -# Contributor: francois <francois.archlinux.org> - +# Contributor: francois <francois.archlinux.org> pkgname=perl -pkgver=5.18.1 -pkgrel=1 +pkgver=5.16.0 +pkgrel=2 pkgdesc="A highly capable, feature-rich programming language" arch=(i686 x86_64) license=('GPL' 'PerlArtistic') url="http://www.perl.org" groups=('base') depends=('gdbm' 'db' 'coreutils' 'glibc' 'sh') -source=(http://www.cpan.org/src/5.0/perl-${pkgver}.tar.bz2 - perlbin.sh - perlbin.csh - provides.pl) +changelog=ChangeLog +source=(http://www.cpan.org/src/5.0/perl-${pkgver}.tar.bz2 +perlbin.sh +perlbin.csh +provides.pl) install=perl.install options=('makeflags' '!purge') -md5sums=('4ec1a3f3824674552e749ae420c5e68c' +md5sums=('15a2f95fb27231e10998240f13acf961' '5ed2542fdb9a60682f215bd33701e61a' '1f0cbbee783e8a6d32f01be5118e0d5e' '999c3eea6464860704abbb055a0f0896') @@ -30,23 +29,19 @@ if [[ ${0##*/} = "parse_pkgbuilds.sh" ]]; then true && provides=($(bsdtar -q -O -xf "/srv/ftp/pool/packages/$pkgname-$pkgver-$pkgrel-$CARCH.pkg.tar.xz" .PKGINFO | sed -rn 's#^provides = (.*)#\1#p')) fi -prepare() { - cd ${srcdir}/${pkgname}-${pkgver} -} - build() { cd ${srcdir}/${pkgname}-${pkgver} if [ "${CARCH}" = "x86_64" ]; then # for x86_64 arch_opts="-Dcccdlflags='-fPIC'" - else + else # for i686 arch_opts="" fi ./Configure -des -Dusethreads -Duseshrplib -Doptimize="${CFLAGS}" \ - -Dprefix=/usr -Dvendorprefix=/usr \ + -Dprefix=/usr -Dinstallprefix=${pkgdir}/usr -Dvendorprefix=/usr \ -Dprivlib=/usr/share/perl5/core_perl \ -Darchlib=/usr/lib/perl5/core_perl \ -Dsitelib=/usr/share/perl5/site_perl \ @@ -64,7 +59,7 @@ build() { check() { cd ${srcdir}/${pkgname}-${pkgver} - TEST_JOBS=$(echo $MAKEFLAGS | sed 's/.*-j\([0-9][0-9]*\).*/\1/') make test_harness || true + TEST_JOBS=$(echo $MAKEFLAGS | sed 's/.*-j\([0-9][0-9]*\).*/\1/') make test_harness # make test } @@ -74,15 +69,14 @@ package() { provides=(${new_provides[@]}) cd ${srcdir}/${pkgname}-${pkgver} - make DESTDIR="$pkgdir" install + make install ### Perl Settings ### # Change man page extensions for site and vendor module builds. - # Set no mail address since bug reports should go to the bug tracker - # and not someone's email. + # Use archlinux email address instead of my own. sed -e '/^man1ext=/ s/1perl/1p/' -e '/^man3ext=/ s/3perl/3pm/' \ - -e "/^cf_email=/ s/'.*'/''/" \ - -e "/^perladmin=/ s/'.*'/''/" \ + -e "/^cf_email=/ s/'.*'/'kevin@archlinux.org'/" \ + -e "/^perladmin=/ s/'.*'/'kevin@archlinux.org'/" \ -i ${pkgdir}/usr/lib/perl5/core_perl/Config_heavy.pl ### CPAN Settings ### @@ -100,12 +94,14 @@ package() { # Profile script to set paths to perl scripts. install -D -m755 ${srcdir}/perlbin.sh \ ${pkgdir}/etc/profile.d/perlbin.sh - # Profile script to set paths to perl scripts on csh. (FS#22441) + # Profile script to set paths to perl scripts on csh. (FS#22441) install -D -m755 ${srcdir}/perlbin.csh \ ${pkgdir}/etc/profile.d/perlbin.csh (cd ${pkgdir}/usr/bin; mv perl${pkgver} perl) (cd ${pkgdir}/usr/bin/core_perl; ln -sf c2ph pstruct; ln -sf s2p psed) + grep -Rl "${pkgdir}" ${pkgdir}/usr | \ + xargs sed -i "s^${pkgdir}^^g" # Remove all pod files *except* those under /usr/share/perl5/core_perl/pod/ # (FS#16488) diff --git a/abs/core/perl/digest_eval_hole.diff b/abs/core/perl/digest_eval_hole.diff new file mode 100644 index 0000000..4790413 --- /dev/null +++ b/abs/core/perl/digest_eval_hole.diff @@ -0,0 +1,61 @@ +From 4b6a7324284e7435a361c58f7ddb32fc0c635bd0 Mon Sep 17 00:00:00 2001 +From: "Michael G. Schwern" <schwern@pobox.com> +Date: Mon, 3 Oct 2011 19:05:29 +0100 +Subject: Close the eval "require $module" security hole in + Digest->new($algorithm) + +Also the filter was incomplete. + +Bug-Debian: http://bugs.debian.org/644108 + +Patch-Name: fixes/digest_eval_hole.diff +--- + cpan/Digest/Digest.pm | 6 ++++-- + cpan/Digest/t/security.t | 14 ++++++++++++++ + 2 files changed, 18 insertions(+), 2 deletions(-) + create mode 100644 cpan/Digest/t/security.t + +diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm +index 384dfc8..d714434 100644 +--- a/cpan/Digest/Digest.pm ++++ b/cpan/Digest/Digest.pm +@@ -24,7 +24,7 @@ sub new + shift; # class ignored + my $algorithm = shift; + my $impl = $MMAP{$algorithm} || do { +- $algorithm =~ s/\W+//; ++ $algorithm =~ s/\W+//g; + "Digest::$algorithm"; + }; + $impl = [$impl] unless ref($impl); +@@ -35,7 +35,9 @@ sub new + ($class, @args) = @$class if ref($class); + no strict 'refs'; + unless (exists ${"$class\::"}{"VERSION"}) { +- eval "require $class"; ++ my $pm_file = $class . ".pm"; ++ $pm_file =~ s{::}{/}g; ++ eval { require $pm_file }; + if ($@) { + $err ||= $@; + next; +diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t +new file mode 100644 +index 0000000..5cba122 +--- /dev/null ++++ b/cpan/Digest/t/security.t +@@ -0,0 +1,14 @@ ++#!/usr/bin/env perl ++ ++# Digest->new() had an exploitable eval ++ ++use strict; ++use warnings; ++ ++use Test::More tests => 1; ++ ++use Digest; ++ ++$LOL::PWNED = 0; ++eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) }; ++is $LOL::PWNED, 0; diff --git a/abs/core/perl/fix-h2ph-and-tests.patch b/abs/core/perl/fix-h2ph-and-tests.patch new file mode 100644 index 0000000..a2d176e --- /dev/null +++ b/abs/core/perl/fix-h2ph-and-tests.patch @@ -0,0 +1,104 @@ +From 8d66b3f930dc6d88b524d103e304308ae73a46e7 Mon Sep 17 00:00:00 2001 +From: Robin Barker <rmbarker@cpan.org> +Date: Thu, 22 Apr 2010 11:51:20 +0100 +Subject: [PATCH 1/1] Fix h2ph and test + +--- + lib/h2ph.t | 12 ++++++++++-- + utils/h2ph.PL | 28 +++++++++++++++++++++++----- + 2 files changed, 33 insertions(+), 7 deletions(-) + +diff --git a/lib/h2ph.t b/lib/h2ph.t +index 27dd7b9..8d62d46 100644 +--- a/lib/h2ph.t ++++ b/lib/h2ph.t +@@ -18,7 +18,7 @@ if (!(-e $extracted_program)) { + exit 0; + } + +-plan(4); ++plan(5); + + # quickly compare two text files + sub txt_compare { +@@ -41,8 +41,16 @@ $result = runperl( progfile => 'lib/h2ph.pht', + stderr => 1 ); + like( $result, qr/syntax OK$/, "output compiles"); + ++$result = runperl( progfile => '_h2ph_pre.ph', ++ switches => ['-c'], ++ stderr => 1 ); ++like( $result, qr/syntax OK$/, "preamble compiles"); ++ + $result = runperl( switches => ["-w"], +- prog => '$SIG{__WARN__} = sub { die $_[0] }; require q(lib/h2ph.pht);'); ++ stderr => 1, ++ prog => <<'PROG' ); ++$SIG{__WARN__} = sub { die $_[0] }; require q(lib/h2ph.pht); ++PROG + is( $result, '', "output free of warnings" ); + + # cleanup +diff --git a/utils/h2ph.PL b/utils/h2ph.PL +index 8f56db4..1255807 100644 +--- a/utils/h2ph.PL ++++ b/utils/h2ph.PL +@@ -401,7 +401,10 @@ if ($opt_e && (scalar(keys %bad_file) > 0)) { + exit $Exit; + + sub expr { +- $new = '"(assembly code)"' and return if /\b__asm__\b/; # freak out. ++ if (/\b__asm__\b/) { # freak out ++ $new = '"(assembly code)"'; ++ return ++ } + my $joined_args; + if(keys(%curargs)) { + $joined_args = join('|', keys(%curargs)); +@@ -770,7 +773,7 @@ sub inc_dirs + sub build_preamble_if_necessary + { + # Increment $VERSION every time this function is modified: +- my $VERSION = 2; ++ my $VERSION = 3; + my $preamble = "$Dest_dir/_h2ph_pre.ph"; + + # Can we skip building the preamble file? +@@ -798,7 +801,16 @@ sub build_preamble_if_necessary + # parenthesized value: d=(v) + $define{$_} = $1; + } +- if ($define{$_} =~ /^([+-]?(\d+)?\.\d+([eE][+-]?\d+)?)[FL]?$/) { ++ if (/^(\w+)\((\w)\)$/) { ++ my($macro, $arg) = ($1, $2); ++ my $def = $define{$_}; ++ $def =~ s/$arg/\$\{$arg\}/g; ++ print PREAMBLE <<DEFINE; ++unless (defined &$macro) { sub $macro(\$) { my (\$$arg) = \@_; \"$def\" } } ++ ++DEFINE ++ } elsif ++ ($define{$_} =~ /^([+-]?(\d+)?\.\d+([eE][+-]?\d+)?)[FL]?$/) { + # float: + print PREAMBLE + "unless (defined &$_) { sub $_() { $1 } }\n\n"; +@@ -807,8 +819,14 @@ sub build_preamble_if_necessary + print PREAMBLE + "unless (defined &$_) { sub $_() { $1 } }\n\n"; + } elsif ($define{$_} =~ /^\w+$/) { +- print PREAMBLE +- "unless (defined &$_) { sub $_() { &$define{$_} } }\n\n"; ++ my $def = $define{$_}; ++ if ($isatype{$def}) { ++ print PREAMBLE ++ "unless (defined &$_) { sub $_() { \"$def\" } }\n\n"; ++ } else { ++ print PREAMBLE ++ "unless (defined &$_) { sub $_() { &$def } }\n\n"; ++ } + } else { + print PREAMBLE + "unless (defined &$_) { sub $_() { \"", +-- +1.6.5.2.74.g610f9.dirty + diff --git a/abs/core/perl/perlbin.sh b/abs/core/perl/perlbin.sh index 20f8304..20f8304 100644..100755 --- a/abs/core/perl/perlbin.sh +++ b/abs/core/perl/perlbin.sh |