diff options
author | Vladimir Smirnov <civil@gentoo.org> | 2014-03-11 18:40:39 +0000 |
---|---|---|
committer | Vladimir Smirnov <civil@gentoo.org> | 2014-03-11 18:40:39 +0000 |
commit | 5070526532261a0c5badf8d6e2571c72626f81e3 (patch) | |
tree | 42c2f519512e0cf53568ae1506123e2905254d0b | |
parent | Remove unnecessary --with-clang-resource-dir that broke the build whenever th... (diff) | |
download | historical-5070526532261a0c5badf8d6e2571c72626f81e3.tar.gz historical-5070526532261a0c5badf8d6e2571c72626f81e3.tar.bz2 historical-5070526532261a0c5badf8d6e2571c72626f81e3.zip |
Version bump.
With fix for #504178
Package-Manager: portage-2.2.8-r1/cvs/Linux x86_64
Manifest-Sign-Key: 0xA832680F
-rw-r--r-- | dev-perl/perltidy/ChangeLog | 11 | ||||
-rw-r--r-- | dev-perl/perltidy/Manifest | 29 | ||||
-rw-r--r-- | dev-perl/perltidy/files/perltidy-20130922.0.0-CVE-2014-2277.patch | 80 | ||||
-rw-r--r-- | dev-perl/perltidy/perltidy-20130922.0.0.ebuild | 30 |
4 files changed, 132 insertions, 18 deletions
diff --git a/dev-perl/perltidy/ChangeLog b/dev-perl/perltidy/ChangeLog index 9e0c16844bcc..e5f0b1548f32 100644 --- a/dev-perl/perltidy/ChangeLog +++ b/dev-perl/perltidy/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for dev-perl/perltidy -# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-perl/perltidy/ChangeLog,v 1.68 2013/03/26 10:12:58 ago Exp $ +# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/dev-perl/perltidy/ChangeLog,v 1.69 2014/03/11 18:40:27 civil Exp $ + +*perltidy-20130922.0.0 (11 Mar 2014) + + 11 Mar 2014; Vladimir Smirnov <civil@gentoo.org> + +files/perltidy-20130922.0.0-CVE-2014-2277.patch, + +perltidy-20130922.0.0.ebuild: + Version bump. With fix for #504178 26 Mar 2013; Agostino Sarubbo <ago@gentoo.org> perltidy-20121207.0.0.ebuild: Stable for ppc, wrt bug #456596 diff --git a/dev-perl/perltidy/Manifest b/dev-perl/perltidy/Manifest index d1c6bceb943c..cc46f5db57a6 100644 --- a/dev-perl/perltidy/Manifest +++ b/dev-perl/perltidy/Manifest @@ -1,26 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 +Hash: SHA256 +AUX perltidy-20130922.0.0-CVE-2014-2277.patch 2860 SHA256 f23db9075ed3cd947536652d485433e4577fa4a61a3003279366bbec2507e414 SHA512 2e217bf33e3436f30991f1fea29dd3c05a45436b6b8c27737717887c8680153f9efe0796cc26a3c3294be96e3e6ca2177c95088a38048bfa6c25925f0058fe53 WHIRLPOOL 090cbf63461b80c13d50750d0d96def256f5423d18607f30aa90dc8b1c14cc216187e14781052b98a5bd1ba7586de5681e65152adc9b4f6a632e207410a4fc7f DIST Perl-Tidy-20120714.tar.gz 404151 SHA256 3d79dc61e7f52176d01aa7e459a0c04e1d5eb893dae9d4aa714d4d9c2238ba1d SHA512 65062016fa56a676f77addbf2dd8d67df597515c2f35c680fa08c4784943472f504554e6e2ba17a7f6cb67ced23f35003a023cd0a44ed9857d4dc75d4ff52b03 WHIRLPOOL 4145441b521e20fd18d729b7d66e3e52cefb4471532c6da2c0815165a19ee3c066b16d1d4f80dc1f0265bfbdb7304b36f279d96ddaab47cbe0e3ed8aca16bf50 DIST Perl-Tidy-20121207.tar.gz 420435 SHA256 78e81d595647bd80e6bbd48ffefcc0f61418fec7b9208c4caedb317b7c8475dd SHA512 b3b96dbafaf5657a94813a090318c13b51d46c094a842ea1a2e0cc0fcea42950fef281049bb267dbbbe277084729f0da95e20d8598f790ffccb3bc72fba1999a WHIRLPOOL 4e6112318d8335933005d43e725b124ad2322f3c0fa74f059d63b6fb8ee3f852eda925d1a223186e6895db5dc54f4b51ca1bdbb9d2079c5baa2756b8f687f5cc +DIST Perl-Tidy-20130922.tar.gz 422005 SHA256 e58cd6f00067dc814d2cecab209087d3b282648371b5a2ebd6f48484c030b762 SHA512 8c8d0cc388f0f74fdbd86238cf0b50c84619102a0dd6ffb0176b05877c7bef616d7f11104294246b7275e526dde29d1f0bb146a36b7234222fb462097976409b WHIRLPOOL 11338dafe884b67884ef73495379ecb1ffbba636de93b224716c353439cf1f1e78ed03baace9bf46daf898025e807706bb4bcc7efb99a7052b0926642c1eae67 EBUILD perltidy-20120714.0.0.ebuild 650 SHA256 b5a139177ca0943447ff97c110242355b6793cb29db6d0bb8056a48c3fc46ebd SHA512 8a8ebd11103490272d0163dda00ff27a5944423b09e5588eef6e76c34096f803e302faccdc0d514f69fd2f330f7dfaf4d809492d76f7895d0f71923aa2b2a4dd WHIRLPOOL 2c994832d14e81ab9d976aa416b4f498b0f060eeb05d51ad3d034af18d23a841fe816e1875be6bc070a8b38dad2946f10829c577c761bd18e4faaba795daf97c EBUILD perltidy-20121207.0.0.ebuild 646 SHA256 e34b37cdd0f07951f83f777a15afe1aef286181228c7d1ea64d6a86f27096edc SHA512 3f71ff2b8f8dd4bc377a815a1dadb509f7e67b55e2e90e636b14e52eaf3a4b5586dd2fa9f5d60b3ecd6e7db3c29b7611d4989556de200f45bbdaf1c05caa1c98 WHIRLPOOL 51befb4c53e798c0afaca2b54e27ac8a58b2683f6d5b32b30791d788f45cdb35166181bd130fcccb7122070f25095aed02e84086bfeb1634ecd72b0eefc17c94 -MISC ChangeLog 7806 SHA256 623009ad803b060b00f88f81c8bda90c98103d4bd0c11a28be17dd774968fb3b SHA512 c845b3d3e7a78195ccd7365b91569bf2c40ffc8d2883ddcb667685a2f892ecff213fecb0e63cfaf184e6b671dd6087c9ce5e2ece01034e23e8952b0d6f070217 WHIRLPOOL 448349a4fbd08fd1310177d2c0ad351f227816107a3dfd8fba4f5d114096902b236effab11d3db913c57c361dc8d4516ff199f38280e11c5bf5f31e32df168f5 +EBUILD perltidy-20130922.0.0.ebuild 717 SHA256 c9bd7a64dde31780acb7b249755a0944744f70631a5fc7e8e2c4352ee3d19314 SHA512 0ba2ea4958d5713e917a10ca820269651082f0a4ec68225d128011635783c44138017ed18443bb673547b3fcaecceded62e146a67c3cb16e000d10a7a196b0ae WHIRLPOOL 9135fbb15347e5165ce6c4b3fa0cc94473e7de23dd2674b06a5889a36d1c4b0dcf091ab3e1c97ff6b94a90aaa019de9280927cfc2894cc3b7e53be1efcbbfb0e +MISC ChangeLog 8020 SHA256 121d0b73ebdb37aec13f9cddc74e0fe111af377bc3ee2479a32bafb576a66053 SHA512 d17aa05e241b77e95df9bd0eb77042af5c4a1417cce3a94d5cd9598dca0a81104a15731f8b5b0ab8ea0bda2adc42736832ad6744e7b19b0823f60d4e46b8411a WHIRLPOOL 2b470040841cfeef5c5a14d8dabe4ff1f3f208efbcde95c75925b2044aa9901545b9fb25e12e97b73e446a827c34617644ff70b9ce5d3371eebd9b5f666f894b MISC metadata.xml 1491 SHA256 576c8c55eddf732b437797d4a78a7423c4b2df16ad31b19918fdeffad40422d7 SHA512 5d4ed6775483d489805fd2ccabbc135ccba3155350bf498077c34cd30b028ce797e01265c0c8863d7b270cfabfdf3ab44311b4b49fc3ed6440c000f0dffe0db2 WHIRLPOOL 0433a2b08ae1c2c04b1d9b840aaec662226e04f0d9df7cf37505c76b445944c8e4d4cd3b81b1e686a2d367880cc682259379f5a6c8e925bbffd8e68654c9e3e4 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) +Version: GnuPG v2.0.22 (GNU/Linux) -iQIcBAEBCgAGBQJRUXQYAAoJELp701BxlEWfM3gP/j+ehzBmsxkth6udGiaTr2pz -7cM9siC39lHLbFewMxvZ8RCNgFlBt1LLoG1W35dsq4kKsgQJ0jyrWlLJZ637ukVO -X6Kk/OPS9Yov+W88Ey5ctEZBBPjqj3NoWTlhthey7n44wcPwyKOnatf87PXX0zrB -mtcdC+wV0cMSB26hp+z7JGq1Q+FAeZ9BEeKupj8BZ2C3v4ud33MopF/Sox0HCkPo -QEhxNcPJMmR6KIs/ejiJjJey40KPYuSkqOEm3bbsLXJoN1ifMZyOxucYNAA2JGqP -l8x73rP7KHCpZnUfdZ6GzyrJpwFRyu6yEDQgK8GLXcA/MxqXB2tkJVONhD4wdUTT -XJ3Y1S9RmsexeiTboGESDpMCDWMW7Mqb6gfIrcWQkVAQb0M1PhdcieWFucxHVj36 -q84rFeqkD74unBJOOMxD/8E2zWMmD70SEgFU0PeOMt792uhQBan2uhklXlXc4EoE -dxRFjjIrSX5+kKB6KBqrF69hgxMtEtOjnOKDDzzymg8EeB6umsJMaVKpkEnttbkz -X0O3f3UvZyTDvo42DPj7C8+jsbVaQO5oZg4zKA9d26ci4WTU3muhoK6jurAM0Wct -Sn8uiVvUox9RIL2vP5eVkBsydiDxYBA6enqR0fkfw6xpcDiaRcU5m21U+k5CIukt -uKTKPn/0EXlhrLwLKzqD -=Ss4z +iQEcBAEBCAAGBQJTH1i2AAoJEIMvOqnEeZDCYOcH/2bFzA6vhCBILGxzxN0qhyk/ +y7i4EO3h9U5duMRnMjHWStRv5GtZyOas0G3REUhMn1SizX1xPPEQW01KdmxYt7QU +LKGkt5ndxk5w/7RyM/NKQ1K3unCeN1dinvRldgwWxnEsebI0XJDx4pRBxltPPdJX +v9GYirDHgEO/4ErV0+nL/7CcoVAgEiy8C8Z2/afAFCMhIuzY629plG8cDy6gbFY7 +kcXcqK208bolvF0BtHJ1gSlFpp6Txt1dMNkqgnwTVDtApjH3hA4+0K0ITK9h2aB1 +wu06Vi6Vjo6pTEjA52uoUjXNdkjKU/1IdabDvud1hZtv4qxHIDLR62uqvVYOevM= +=mfy1 -----END PGP SIGNATURE----- diff --git a/dev-perl/perltidy/files/perltidy-20130922.0.0-CVE-2014-2277.patch b/dev-perl/perltidy/files/perltidy-20130922.0.0-CVE-2014-2277.patch new file mode 100644 index 000000000000..f52e3f6b7f1f --- /dev/null +++ b/dev-perl/perltidy/files/perltidy-20130922.0.0-CVE-2014-2277.patch @@ -0,0 +1,80 @@ +Description: Replace insecure make_temporary_filename with File::Temp::tempfile +Forwarded: http://lists.example.com/2010/03/1234.html +Origin: vendor, http://bugs.debian.org/740670 +Author: Don Armstrong <don@debian.org> +Last-Update: 2010-03-29 +--- a/lib/Perl/Tidy.pm ++++ b/lib/Perl/Tidy.pm +@@ -76,6 +76,7 @@ + use IO::File; + use File::Basename; + use File::Copy; ++use File::Temp qw(tempfile); + + BEGIN { + ( $VERSION = q($Id: perltidy-20130922.0.0-CVE-2014-2277.patch,v 1.1 2014/03/11 18:40:27 civil Exp $) ) =~ s/^.*\s+(\d+)\/(\d+)\/(\d+).*$/$1$2$3/; # all one line for MakeMaker +@@ -235,35 +236,6 @@ + return undef; + } + +-sub make_temporary_filename { +- +- # Make a temporary filename. +- # The POSIX tmpnam() function has been unreliable for non-unix systems +- # (at least for the win32 systems that I've tested), so use a pre-defined +- # name for them. A disadvantage of this is that two perltidy +- # runs in the same working directory may conflict. However, the chance of +- # that is small and manageable by the user, especially on systems for which +- # the POSIX tmpnam function doesn't work. +- my $name = "perltidy.TMP"; +- if ( $^O =~ /win32|dos/i || $^O eq 'VMS' || $^O eq 'MacOs' ) { +- return $name; +- } +- eval "use POSIX qw(tmpnam)"; +- if ($@) { return $name } +- use IO::File; +- +- # just make a couple of tries before giving up and using the default +- for ( 0 .. 3 ) { +- my $tmpname = tmpnam(); +- my $fh = IO::File->new( $tmpname, O_RDWR | O_CREAT | O_EXCL ); +- if ($fh) { +- $fh->close(); +- return ($tmpname); +- last; +- } +- } +- return ($name); +-} + + # Here is a map of the flow of data from the input source to the output + # line sink: +@@ -1324,11 +1296,7 @@ + my ( $fh_stream, $fh_name ) = + Perl::Tidy::streamhandle( $stream, 'r' ); + if ($fh_stream) { +- my ( $fout, $tmpnam ); +- +- # TODO: fix the tmpnam routine to return an open filehandle +- $tmpnam = Perl::Tidy::make_temporary_filename(); +- $fout = IO::File->new( $tmpnam, 'w' ); ++ my ( $fout, $tmpnam ) = tempfile(); + + if ($fout) { + $fname = $tmpnam; +@@ -5159,14 +5127,7 @@ + # Pod::Html requires a real temporary filename + # If we are making a frame, we have a name available + # Otherwise, we have to fine one +- my $tmpfile; +- if ( $rOpts->{'frames'} ) { +- $tmpfile = $self->{_toc_filename}; +- } +- else { +- $tmpfile = Perl::Tidy::make_temporary_filename(); +- } +- my $fh_tmp = IO::File->new( $tmpfile, 'w' ); ++ my ($fh_tmp,$tmpfile) = tempfile(); + unless ($fh_tmp) { + Perl::Tidy::Warn + "unable to open temporary file $tmpfile; cannot use pod2html\n"; diff --git a/dev-perl/perltidy/perltidy-20130922.0.0.ebuild b/dev-perl/perltidy/perltidy-20130922.0.0.ebuild new file mode 100644 index 000000000000..b5c753d44334 --- /dev/null +++ b/dev-perl/perltidy/perltidy-20130922.0.0.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-perl/perltidy/perltidy-20130922.0.0.ebuild,v 1.1 2014/03/11 18:40:27 civil Exp $ + +EAPI=4 + +MY_PN=Perl-Tidy +MODULE_AUTHOR=SHANCOCK +MODULE_VERSION=20130922 +inherit perl-module + +DESCRIPTION="Perl script indenter and beautifier" +HOMEPAGE="http://perltidy.sourceforge.net/ ${HOMEPAGE}" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~sparc-solaris" +IUSE="" + +SRC_TEST="do" + +src_prepare() { + epatch "${FILESDIR}/${P}-CVE-2014-2277.patch" +} + +src_install() { + perl-module_src_install + docinto examples + dodoc "${S}"/examples/* +} |