diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2024-12-22 06:30:44 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2024-12-22 06:30:44 +0000 |
| commit | 5a2cecfc8661e1d3a762adf05cf8eb142cd41710 (patch) | |
| tree | 341806a72603cc8845e7e1595289e7a8b9570f2a /dev-perl/HTTP-Body | |
| parent | d2bcdab82e5f5f38a8ab54026e8aa94edb1b77a6 (diff) | |
gentoo auto-resync : 22:12:2024 - 06:30:44
Diffstat (limited to 'dev-perl/HTTP-Body')
| -rw-r--r-- | dev-perl/HTTP-Body/HTTP-Body-1.220.0-r1.ebuild | 45 | ||||
| -rw-r--r-- | dev-perl/HTTP-Body/Manifest | 3 | ||||
| -rw-r--r-- | dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch | 31 |
3 files changed, 0 insertions, 79 deletions
diff --git a/dev-perl/HTTP-Body/HTTP-Body-1.220.0-r1.ebuild b/dev-perl/HTTP-Body/HTTP-Body-1.220.0-r1.ebuild deleted file mode 100644 index 59a843fa9274..000000000000 --- a/dev-perl/HTTP-Body/HTTP-Body-1.220.0-r1.ebuild +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -DIST_AUTHOR=GETTY -DIST_VERSION=1.22 -inherit perl-module - -DESCRIPTION="HTTP Body Parser" - -SLOT="0" -KEYWORDS="~alpha amd64 ~ppc ~ppc64 ~sparc x86" -IUSE="test" -RESTRICT="!test? ( test )" - -# HTTP::Headers -> HTTP-Message -# HTTP::Request::Common -> HTTP-Message -# IO::File -> IO -RDEPEND=" - virtual/perl-Carp - virtual/perl-Digest-MD5 - >=virtual/perl-File-Temp-0.140.0 - dev-perl/HTTP-Message - >=virtual/perl-IO-1.140.0 -" -BDEPEND="${RDEPEND} - virtual/perl-ExtUtils-MakeMaker - test? ( - virtual/perl-Encode - virtual/perl-File-Spec - >=virtual/perl-File-Temp-0.140.0 - dev-perl/HTTP-Message - dev-perl/Test-Deep - >=virtual/perl-Test-Simple-0.860.0 - ) -" - -PERL_RM_FILES=( - t/02pod.t - t/03podcoverage.t - t/04critic.t -) - -PATCHES=( "${FILESDIR}/${PN}-1.190.0-CVE-2013-4407.patch" ) diff --git a/dev-perl/HTTP-Body/Manifest b/dev-perl/HTTP-Body/Manifest index f68fd20150cc..fa23faa06e6d 100644 --- a/dev-perl/HTTP-Body/Manifest +++ b/dev-perl/HTTP-Body/Manifest @@ -1,7 +1,4 @@ -AUX HTTP-Body-1.190.0-CVE-2013-4407.patch 1288 BLAKE2B 776bf905aae20f57c89b443bd19860d2165d9df9061470dd2e789a4554a9950488127a42dc096a4e22d6866b2219ac7dc6b847c0ec551c947c09c6a1b8651b3f SHA512 9e2988eb26b54588d314c9ea7511dfcb1c4d91cac60fda7db5f3c41ebf72d6b16cb1e3983817d63ea28b413f82489c3e69f332daab0ff049349ec97b4498bfae AUX HTTP-Body-1.230.0-CVE-2013-4407.patch 1396 BLAKE2B fc7aac2586fe65e89c6f33b6bae84cdd111219e6114797f120a95099bfd19c7df5d5dba04aaf4851d174205aa9faf0ae1311f47e50da36a896a83675f76ab038 SHA512 427328319e14f132ca5cecd8359269a045e67a05412019096da2a374e6e96a0fdf1319ce478646ea1184e4e03786ee229774afbe2a2d361603065a5d8677d549 -DIST HTTP-Body-1.22.tar.gz 26163 BLAKE2B c6b2cf67fd9964fe253251dd91a67b11563c3cb157ad670733254acb3d44fcede97dcfb84d09ed52bc9f8cc60275838abd8f110aa01aed3bb18400bcc108b255 SHA512 62665989d76699a3c3747d8f4e23d2009488bc229220bcf6fc07fc425e6ac5118f6ea48c75af681c2f29e9ed644d7a7979368cc36df77aca0544786b523c9cfe DIST HTTP-Body-1.23.tar.gz 26980 BLAKE2B 2ad08b894a26a06089dff6294f978583d49ee5aa770fb195d01fc6db7a39bda0cb831ed5137afabbc75598e2dbe3fb8dd0681f688776270d01f99498abb17c23 SHA512 b02fb8652ceebdaa858ff12fe759ded62eefa7f23e5bf8b90e31a52d4433f13d29986f9646141b92a6a4ea58e1be007c6f675c3e2b26559fa0ff9333e69f3ebb -EBUILD HTTP-Body-1.220.0-r1.ebuild 882 BLAKE2B 9e09a31ec43e3afe07642fb423371976c333fe9a6e1875f22a9dcd3c87050b3e4a2c094ec01064e570cf0408aa213919c27fa02bb39bd0633baceec74bff14bf SHA512 a6c501b1552b67ee885d1b1788cb91d18955bff0229689bf39a5f48f38a6fd578dfb81b5ff482e60bf96d3740631c913b3fc86ca357a1219dfa3747e264aa9f0 EBUILD HTTP-Body-1.230.0.ebuild 843 BLAKE2B bc2183125182bec440142d1833eb1a64ce3dc2091b61d329e70bc3b22641cc78a80b6af51747ede0beddf92c92c483b1c06f5c9cdec99582f9c3652c913ed4b3 SHA512 96578d9f499165ca12a34fc78db1d2bb9920c4c3b0c61f57ac35069cc2ceae2e15a35cd08164e570bd5cea9967967d14778ae774283286565bd4c7770307bf5d MISC metadata.xml 737 BLAKE2B ebbe4c571edaeef494e7df4625fd8388f5808a895c545c55ca7eb4e501fe485d493e1c474e0cc03c458f53c16e3cc96e7bd42454bcb6990505f8aa3bafcf6888 SHA512 814d21c03ff8829f92d3da6df27bea873db8759f0dc56b93b9743909c6465df17f9c74d9b0618d947883e7895e9103157811354c3287beb490cd03fe4ade3855 diff --git a/dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch b/dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch deleted file mode 100644 index 292cac3aa6f4..000000000000 --- a/dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch +++ /dev/null @@ -1,31 +0,0 @@ -Description: Allow only word characters in filename suffixes - CVE-2013-4407: Allow only word characters in filename suffixes. An - attacker able to upload files to a service that uses - HTTP::Body::Multipart could use this issue to upload a file and create - a specifically-crafted temporary filename on the server, that when - processed without further validation, could allow execution of commands - on the server. -Origin: vendor -Bug: https://rt.cpan.org/Ticket/Display.html?id=88342 -Bug-Debian: http://bugs.debian.org/721634 -Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1005669 -Forwarded: no -Author: Salvatore Bonaccorso <carnil@debian.org> -Last-Update: 2013-10-21 - -Updated by Andreas K. Huettel <dilfridge@gentoo.org> for HTTP-Body-1.19 - -diff -ruN HTTP-Body-1.19.orig/lib/HTTP/Body/MultiPart.pm HTTP-Body-1.19/lib/HTTP/Body/MultiPart.pm ---- HTTP-Body-1.19.orig/lib/HTTP/Body/MultiPart.pm 2013-12-06 16:07:25.000000000 +0100 -+++ HTTP-Body-1.19/lib/HTTP/Body/MultiPart.pm 2014-11-30 23:17:19.652051615 +0100 -@@ -258,8 +258,8 @@ - - =cut - --our $basename_regexp = qr/[^.]+(\.[^\\\/]+)$/; --#our $basename_regexp = qr/(\.\w+(?:\.\w+)*)$/; -+#our $basename_regexp = qr/[^.]+(\.[^\\\/]+)$/; -+our $basename_regexp = qr/(\.\w+(?:\.\w+)*)$/; - - sub handler { - my ( $self, $part ) = @_; |