1.632 bump
This commit is contained in:
Jitka Plesnikova
parent
289dc45c46
commit
bd73eca074
1
.gitignore
vendored
1
.gitignore
vendored
@ -14,3 +14,4 @@ DBI-1.613.tar.gz
|
||||
/DBI-1.628.tar.gz
|
||||
/DBI-1.630.tar.gz
|
||||
/DBI-1.631.tar.gz
|
||||
/DBI-1.632.tar.gz
|
||||
|
||||
@ -1,55 +0,0 @@
|
||||
From cd8fcbbf402e1d70c9f325f8b0fcd99e02cf14be Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
|
||||
Date: Mon, 18 Nov 2013 12:52:09 +0100
|
||||
Subject: [PATCH] Security notice for Proxy
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
PlRPC is not secure due to Storable. Warn Proxy users about it.
|
||||
|
||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||
---
|
||||
lib/DBD/Proxy.pm | 7 +++++++
|
||||
lib/DBI/ProxyServer.pm | 7 +++++++
|
||||
2 files changed, 14 insertions(+)
|
||||
|
||||
diff --git a/lib/DBD/Proxy.pm b/lib/DBD/Proxy.pm
|
||||
index 287b2dc..5948255 100644
|
||||
--- a/lib/DBD/Proxy.pm
|
||||
+++ b/lib/DBD/Proxy.pm
|
||||
@@ -974,6 +974,13 @@ The workaround is storing the modified local copy back to the server:
|
||||
$dbh->{"csv_tables"} = $tables;
|
||||
|
||||
|
||||
+=head1 SECURITY WARNING
|
||||
+
|
||||
+L<RPC::PlClient> used underneath is not secure due to serializing and
|
||||
+deserializing data with L<Storable> module. Use the proxy driver only in
|
||||
+trusted environment.
|
||||
+
|
||||
+
|
||||
=head1 AUTHOR AND COPYRIGHT
|
||||
|
||||
This module is Copyright (c) 1997, 1998
|
||||
diff --git a/lib/DBI/ProxyServer.pm b/lib/DBI/ProxyServer.pm
|
||||
index 68ad4af..78a0d78 100644
|
||||
--- a/lib/DBI/ProxyServer.pm
|
||||
+++ b/lib/DBI/ProxyServer.pm
|
||||
@@ -867,6 +867,13 @@ Don't try to put parameters into the sql-query like this:
|
||||
=back
|
||||
|
||||
|
||||
+=head1 SECURITY WARNING
|
||||
+
|
||||
+L<RPC::PlServer> used underneath is not secure due to serializing and
|
||||
+deserializing data with L<Storable> module. Use the proxy driver only in
|
||||
+trusted environment.
|
||||
+
|
||||
+
|
||||
=head1 AUTHOR
|
||||
|
||||
Copyright (c) 1997 Jochen Wiedmann
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -9,15 +9,13 @@
|
||||
%endif
|
||||
|
||||
Name: perl-DBI
|
||||
Version: 1.631
|
||||
Release: 7%{?dist}
|
||||
Version: 1.632
|
||||
Release: 1%{?dist}
|
||||
Summary: A database access API for perl
|
||||
Group: Development/Libraries
|
||||
License: GPL+ or Artistic
|
||||
URL: http://dbi.perl.org/
|
||||
Source0: http://www.cpan.org/authors/id/T/TI/TIMB/DBI-%{version}.tar.gz
|
||||
# Add a security warning about use of RPC::PlClient, bug #1030578, CPAN RT#90475
|
||||
Patch0: DBI-1.630-Security-notice-for-Proxy.patch
|
||||
BuildRequires: perl
|
||||
BuildRequires: perl(ExtUtils::MakeMaker)
|
||||
BuildRequires: perl(File::Find)
|
||||
@ -105,7 +103,6 @@ the use of existing DBI frameworks like DBIx::Class.
|
||||
|
||||
%prep
|
||||
%setup -q -n DBI-%{version}
|
||||
%patch0 -p1
|
||||
iconv -f iso8859-1 -t utf-8 lib/DBD/Gofer.pm >lib/DBD/Gofer.pm.new &&
|
||||
mv lib/DBD/Gofer.pm{.new,}
|
||||
chmod 644 ex/*
|
||||
@ -159,6 +156,9 @@ make test
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Nov 12 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.632-1
|
||||
- 1.632 bump
|
||||
|
||||
* Sun Sep 07 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.631-7
|
||||
- Perl 5.20 re-rebuild of bootstrapped packages
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user