summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--system/perl/APKBUILD10
-rw-r--r--system/perl/CVE-2021-36770.patch29
-rw-r--r--system/perl/zlib-test.patch80
3 files changed, 86 insertions, 33 deletions
diff --git a/system/perl/APKBUILD b/system/perl/APKBUILD
index adb76b6c4..bdc02b98c 100644
--- a/system/perl/APKBUILD
+++ b/system/perl/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Sheila Aman <sheila@vulpine.house>
# Maintainer: Adélie Perl Team <adelie-perl@lists.adelielinux.org>
pkgname=perl
-pkgver=5.34.0
+pkgver=5.34.1
pkgrel=0
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url="https://www.perl.org/"
@@ -16,10 +16,12 @@ subpackages="$pkgname-doc $pkgname-dev"
source="https://www.cpan.org/src/5.0/perl-$pkgver.tar.gz
musl-locale.patch
musl-stack-size.patch
- CVE-2021-36770.patch
+ zlib-test.patch
"
# secfixes:
+# 5.34.1-r0:
+# - CVE-2021-36770
# 5.26.3-r0:
# - CVE-2018-12015
# - CVE-2018-18311
@@ -112,7 +114,7 @@ dev() {
default_dev
}
-sha512sums="3bd2ae3900df54801b42a1ab1c136b20438f3a162d88c1e030c5d91e96ad5cf76d5ccbcf9e75388fa29bcc26db0b1c5df3d1240d48136159462c912c9258d405 perl-5.34.0.tar.gz
+sha512sums="bf17f2c6fce1b046dce11450f28823fe5df6341f259ec351a4445768feb38706413be867a32c1fd916567657ca9f08c838030e02bb8a3bc1cd8a1350c007cf3a perl-5.34.1.tar.gz
a78b5fb1a2b6f60b401329cfd2d8349d4fdcc19628cde0e9b840b82e1a02e705f7d7413fe206aa13ed714ab93a65b62ac3d85dfd526ca8048621d5d89b22f0ef musl-locale.patch
c004d6612ec754e5947255a2e2d15b5581f187c32495aeeec9f4fa286919bd9f40c72b63db61e3f4004b09288af2063a6a14b67e5c289e9a8b23ebd7c216e16f musl-stack-size.patch
-2eb4986ac56f394e584ed5b16be40ccc0b689512fc23746588a3947db49c53be96dbbc25b8256513142c7a613481ea11b9154dfd4d0a67f05ef0662fedfd476a CVE-2021-36770.patch"
+bbb2beb49604982c42c833b229852bc8bca4e3498f97fcfbb3bf7de10dddbef3b21c917f333958c64feb99a65f4093773e33018ae0e91dadeecdf985ab0ed3a2 zlib-test.patch"
diff --git a/system/perl/CVE-2021-36770.patch b/system/perl/CVE-2021-36770.patch
deleted file mode 100644
index c3c443900..000000000
--- a/system/perl/CVE-2021-36770.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c1a937fef07c061600a0078f4cb53fe9c2136bb9 Mon Sep 17 00:00:00 2001
-From: Ricardo Signes <rjbs@semiotic.systems>
-Date: Mon, 9 Aug 2021 08:14:05 -0400
-Subject: [PATCH] Encode.pm: apply a local patch for CVE-2021-36770
-
-I expect Encode to see a new release today.
-
-Without this fix, Encode::ConfigLocal can be loaded from a path relative
-to the current directory, because the || operator will evaluate @INC in
-scalar context, putting an integer as the only value in @INC.
----
- cpan/Encode/Encode.pm | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/cpan/Encode/Encode.pm b/cpan/Encode/Encode.pm
-index a56a99947fd..b96a8504169 100644
---- a/cpan/Encode/Encode.pm
-+++ b/cpan/Encode/Encode.pm
-@@ -65,8 +66,8 @@ require Encode::Config;
- eval {
- local $SIG{__DIE__};
- local $SIG{__WARN__};
-- local @INC = @INC || ();
-- pop @INC if $INC[-1] eq '.';
-+ local @INC = @INC;
-+ pop @INC if @INC && $INC[-1] eq '.';
- require Encode::ConfigLocal;
- };
-
diff --git a/system/perl/zlib-test.patch b/system/perl/zlib-test.patch
new file mode 100644
index 000000000..1cb8f5e80
--- /dev/null
+++ b/system/perl/zlib-test.patch
@@ -0,0 +1,80 @@
+diff --git a/cpan/Compress-Raw-Zlib/t/02zlib.t b/cpan/Compress-Raw-Zlib/t/02zlib.t
+index 64c8944..9b2e9cb 100644
+--- a/cpan/Compress-Raw-Zlib/t/02zlib.t
++++ b/cpan/Compress-Raw-Zlib/t/02zlib.t
+@@ -13,6 +13,7 @@ use bytes;
+ use Test::More ;
+ use CompTestUtils;
+
++use constant ZLIB_1_2_12_0 => 0x12C0;
+
+ BEGIN
+ {
+@@ -490,7 +491,16 @@ SKIP:
+ last if $status == Z_STREAM_END or $status != Z_OK ;
+ }
+
+- cmp_ok $status, '==', Z_DATA_ERROR ;
++ # Z_STREAM_END returned by 1.12.2, Z_DATA_ERROR for older zlib
++ if (ZLIB_VERNUM >= ZLIB_1_2_12_0)
++ {
++ cmp_ok $status, '==', Z_STREAM_END ;
++ }
++ else
++ {
++ cmp_ok $status, '==', Z_DATA_ERROR ;
++ }
++
+ is $GOT, $goodbye ;
+
+
+@@ -514,7 +524,17 @@ SKIP:
+ is length($rest), $len2, "expected compressed output";
+
+ $GOT = '';
+- cmp_ok $k->inflate($rest, $GOT), '==', Z_DATA_ERROR, "inflate returns Z_DATA_ERROR";
++ $status = $k->inflate($rest, $GOT);
++ # Z_STREAM_END returned by 1.12.2, Z_DATA_ERROR for older zlib
++ if (ZLIB_VERNUM >= ZLIB_1_2_12_0)
++ {
++ cmp_ok $status, '==', Z_STREAM_END ;
++ }
++ else
++ {
++ cmp_ok $status, '==', Z_DATA_ERROR ;
++ }
++
+ is $GOT, $goodbye ;
+ }
+
+diff --git a/cpan/IO-Compress/t/cz-03zlib-v1.t b/cpan/IO-Compress/t/cz-03zlib-v1.t
+index 9b75f9b..41734d0 100644
+--- a/cpan/IO-Compress/t/cz-03zlib-v1.t
++++ b/cpan/IO-Compress/t/cz-03zlib-v1.t
+@@ -14,6 +14,8 @@ use Test::More ;
+ use CompTestUtils;
+ use Symbol;
+
++use constant ZLIB_1_2_12_0 => 0x12C0;
++
+ BEGIN
+ {
+ # use Test::NoWarnings, if available
+@@ -700,7 +702,16 @@ EOM
+
+ ($GOT, $status) = $k->inflate($rest) ;
+
+- ok $status == Z_DATA_ERROR ;
++ # Z_STREAM_END returned by 1.12.2, Z_DATA_ERROR for older zlib
++ if (ZLIB_VERNUM >= ZLIB_1_2_12_0)
++ {
++ cmp_ok $status, '==', Z_STREAM_END ;
++ }
++ else
++ {
++ cmp_ok $status, '==', Z_DATA_ERROR ;
++ }
++
+ ok $Z . $GOT eq $goodbye ;
+ }
+
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-06-29 13:18:54 +0000