3.38 bump
This commit is contained in:
Petr Písař
parent
6d23a28328
commit
8ba86dd30b
|
|
@ -9,3 +9,4 @@
|
|||
/Test-Harness-3.34.tar.gz
|
||||
/Test-Harness-3.35.tar.gz
|
||||
/Test-Harness-3.36.tar.gz
|
||||
/Test-Harness-3.38.tar.gz
|
||||
|
|
|
|||
|
|
@ -1,29 +0,0 @@
|
|||
From 59697efbfe58a2a9c2cc2aba11eca2acb64b27a8 Mon Sep 17 00:00:00 2001
|
||||
From: Tony Cook <tony@develop-help.com>
|
||||
Date: Thu, 28 Jul 2016 14:18:12 +1000
|
||||
Subject: [PATCH] CVE-2016-1238: avoid loading optional modules from default .
|
||||
|
||||
App::Prove (and hence prove) attempts to load plugins under both
|
||||
the App::Prove::Plugin namespace and under the base namespace.
|
||||
|
||||
If a plugin is only available under the base namespace, and a user runs
|
||||
prove from a world-writable directory such as /tmp, an attacker can
|
||||
App/Prove/Plugin/PluginName.pm to run code as the user running prove.
|
||||
---
|
||||
bin/prove | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/bin/prove b/bin/prove
|
||||
index 6637cc4..d71b238 100755
|
||||
--- a/bin/prove
|
||||
+++ b/bin/prove
|
||||
@@ -1,5 +1,6 @@
|
||||
#!/usr/bin/perl -w
|
||||
|
||||
+BEGIN { pop @INC if $INC[-1] eq '.' }
|
||||
use strict;
|
||||
use warnings;
|
||||
use App::Prove;
|
||||
--
|
||||
2.1.4
|
||||
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
From 6ea0e48ac56fc2c5e8600b5313f6c49b553c946b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
|
||||
Date: Tue, 14 Mar 2017 09:45:12 +0100
|
||||
Subject: [PATCH] Remove shell bangs
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||
---
|
||||
examples/analyze_tests.pl | 2 --
|
||||
examples/silent-harness.pl | 2 --
|
||||
2 files changed, 4 deletions(-)
|
||||
|
||||
diff --git a/examples/analyze_tests.pl b/examples/analyze_tests.pl
|
||||
index c821f98..4076d9b 100644
|
||||
--- a/examples/analyze_tests.pl
|
||||
+++ b/examples/analyze_tests.pl
|
||||
@@ -1,5 +1,3 @@
|
||||
-#!/usr/bin/env perl
|
||||
-
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
diff --git a/examples/silent-harness.pl b/examples/silent-harness.pl
|
||||
index ae0e50e..6e477ed 100644
|
||||
--- a/examples/silent-harness.pl
|
||||
+++ b/examples/silent-harness.pl
|
||||
@@ -1,5 +1,3 @@
|
||||
-#!/usr/bin/perl
|
||||
-#
|
||||
# Run some tests and get back a data structure describing them.
|
||||
|
||||
use strict;
|
||||
--
|
||||
2.7.4
|
||||
|
||||
|
|
@ -1,20 +1,18 @@
|
|||
Name: perl-Test-Harness
|
||||
Version: 3.36
|
||||
Release: 369%{?dist}
|
||||
Version: 3.38
|
||||
Release: 1%{?dist}
|
||||
Summary: Run Perl standard test scripts with statistics
|
||||
License: GPL+ or Artistic
|
||||
Group: Development/Libraries
|
||||
URL: http://search.cpan.org/dist/Test-Harness/
|
||||
Source0: http://www.cpan.org/authors/id/L/LE/LEONT/Test-Harness-%{version}.tar.gz
|
||||
# Avoid loading optional modules from default . (CVE-2016-1238)
|
||||
Patch0: Test-Harness-3.36-CVE-2016-1238-avoid-loading-optional-modules-from.patch
|
||||
# Remove hard-coded shell bangs
|
||||
Patch0: Test-Harness-3.38-Remove-shell-bangs.patch
|
||||
BuildArch: noarch
|
||||
BuildRequires: coreutils
|
||||
BuildRequires: findutils
|
||||
BuildRequires: make
|
||||
BuildRequires: perl
|
||||
BuildRequires: perl-generators
|
||||
BuildRequires: perl(ExtUtils::MakeMaker)
|
||||
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76
|
||||
BuildRequires: perl(strict)
|
||||
BuildRequires: perl(warnings)
|
||||
# Run-time:
|
||||
|
|
@ -72,12 +70,11 @@ writing new code consider using TAP::Harness directly instead.
|
|||
%patch0 -p1
|
||||
|
||||
%build
|
||||
perl Makefile.PL INSTALLDIRS=vendor
|
||||
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%install
|
||||
make pure_install DESTDIR=$RPM_BUILD_ROOT
|
||||
find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
|
||||
%{_fixperms} $RPM_BUILD_ROOT/*
|
||||
|
||||
%check
|
||||
|
|
@ -91,6 +88,9 @@ make test
|
|||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Tue Mar 14 2017 Petr Pisar <ppisar@redhat.com> - 3.38-1
|
||||
- 3.38 bump
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.36-369
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue