diff options
Diffstat (limited to 'meta/recipes-devtools/perl/perl/perl-fix-CVE-2016-1238.patch')
-rw-r--r-- | meta/recipes-devtools/perl/perl/perl-fix-CVE-2016-1238.patch | 352 |
1 files changed, 0 insertions, 352 deletions
diff --git a/meta/recipes-devtools/perl/perl/perl-fix-CVE-2016-1238.patch b/meta/recipes-devtools/perl/perl/perl-fix-CVE-2016-1238.patch deleted file mode 100644 index 730ef178ad..0000000000 --- a/meta/recipes-devtools/perl/perl/perl-fix-CVE-2016-1238.patch +++ /dev/null @@ -1,352 +0,0 @@ -From 9987be3d24286d96d9dccec0433253ee8ad894b4 Mon Sep 17 00:00:00 2001 -From: Tony Cook <tony@develop-help.com> -Date: Tue, 21 Jun 2016 10:02:02 +1000 -Subject: [PATCH] perl: fix CVE-2016-1238 - -(perl #127834) remove . from the end of @INC if complex modules are loaded - -While currently Encode and Storable are know to attempt to load modules -not included in the core, updates to other modules may lead to those -also attempting to load new modules, so be safe and remove . for those -as well. - -Backport patch from http://perl5.git.perl.org/perl.git/commitdiff/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab - -Upstream-Status: Backport -CVE: CVE-2016-1238 -Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> ---- - cpan/Archive-Tar/bin/ptar | 1 + - cpan/Archive-Tar/bin/ptardiff | 1 + - cpan/Archive-Tar/bin/ptargrep | 1 + - cpan/CPAN/scripts/cpan | 1 + - cpan/Digest-SHA/shasum | 1 + - cpan/Encode/bin/enc2xs | 1 + - cpan/Encode/bin/encguess | 1 + - cpan/Encode/bin/piconv | 1 + - cpan/Encode/bin/ucmlint | 1 + - cpan/Encode/bin/unidump | 1 + - cpan/ExtUtils-MakeMaker/bin/instmodsh | 1 + - cpan/IO-Compress/bin/zipdetails | 1 + - cpan/JSON-PP/bin/json_pp | 1 + - cpan/Test-Harness/bin/prove | 1 + - dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp | 1 + - dist/Module-CoreList/corelist | 1 + - ext/Pod-Html/bin/pod2html | 1 + - utils/c2ph.PL | 1 + - utils/h2ph.PL | 2 ++ - utils/h2xs.PL | 2 ++ - utils/libnetcfg.PL | 1 + - utils/perlbug.PL | 1 + - utils/perldoc.PL | 5 ++++- - utils/perlivp.PL | 2 ++ - utils/splain.PL | 6 ++++++ - 25 files changed, 36 insertions(+), 1 deletion(-) - -diff --git a/cpan/Archive-Tar/bin/ptar b/cpan/Archive-Tar/bin/ptar -index 0eaffa7..9dc6402 100644 ---- a/cpan/Archive-Tar/bin/ptar -+++ b/cpan/Archive-Tar/bin/ptar -@@ -1,6 +1,7 @@ - #!/usr/bin/perl - use strict; - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use File::Find; - use Getopt::Std; - use Archive::Tar; -diff --git a/cpan/Archive-Tar/bin/ptardiff b/cpan/Archive-Tar/bin/ptardiff -index 66bd859..4668fa6 100644 ---- a/cpan/Archive-Tar/bin/ptardiff -+++ b/cpan/Archive-Tar/bin/ptardiff -@@ -1,5 +1,6 @@ - #!/usr/bin/perl - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use Archive::Tar; - use Getopt::Std; -diff --git a/cpan/Archive-Tar/bin/ptargrep b/cpan/Archive-Tar/bin/ptargrep -index 1a320f1..8dc6b4f 100644 ---- a/cpan/Archive-Tar/bin/ptargrep -+++ b/cpan/Archive-Tar/bin/ptargrep -@@ -4,6 +4,7 @@ - # archive. See 'ptargrep --help' for more documentation. - # - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use warnings; - -diff --git a/cpan/CPAN/scripts/cpan b/cpan/CPAN/scripts/cpan -index 5f4320e..ccba47e 100644 ---- a/cpan/CPAN/scripts/cpan -+++ b/cpan/CPAN/scripts/cpan -@@ -1,5 +1,6 @@ - #!/usr/local/bin/perl - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use vars qw($VERSION); - -diff --git a/cpan/Digest-SHA/shasum b/cpan/Digest-SHA/shasum -index 14ddd60..62a2b0e 100644 ---- a/cpan/Digest-SHA/shasum -+++ b/cpan/Digest-SHA/shasum -@@ -13,6 +13,7 @@ - ## "-0" option for reading bit strings, and - ## "-p" option for portable digests (to be deprecated). - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use warnings; - use Fcntl; -diff --git a/cpan/Encode/bin/enc2xs b/cpan/Encode/bin/enc2xs -index 4d64e38..473a15c 100644 ---- a/cpan/Encode/bin/enc2xs -+++ b/cpan/Encode/bin/enc2xs -@@ -4,6 +4,7 @@ BEGIN { - # with $ENV{PERL_CORE} set - # In case we need it in future... - require Config; import Config; -+ pop @INC if $INC[-1] eq '.'; - } - use strict; - use warnings; -diff --git a/cpan/Encode/bin/encguess b/cpan/Encode/bin/encguess -index 5d7ac80..0be5c7c 100644 ---- a/cpan/Encode/bin/encguess -+++ b/cpan/Encode/bin/encguess -@@ -1,5 +1,6 @@ - #!./perl - use 5.008001; -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use warnings; - use Encode; -diff --git a/cpan/Encode/bin/piconv b/cpan/Encode/bin/piconv -index c1dad9e..60b2a59 100644 ---- a/cpan/Encode/bin/piconv -+++ b/cpan/Encode/bin/piconv -@@ -1,6 +1,7 @@ - #!./perl - # $Id: piconv,v 2.7 2014/05/31 09:48:48 dankogai Exp $ - # -+BEGIN { pop @INC if $INC[-1] eq '.' } - use 5.8.0; - use strict; - use Encode ; -diff --git a/cpan/Encode/bin/ucmlint b/cpan/Encode/bin/ucmlint -index 622376d..25e0d67 100644 ---- a/cpan/Encode/bin/ucmlint -+++ b/cpan/Encode/bin/ucmlint -@@ -3,6 +3,7 @@ - # $Id: ucmlint,v 2.2 2008/03/12 09:51:11 dankogai Exp $ - # - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - our $VERSION = do { my @r = (q$Revision: 2.2 $ =~ /\d+/g); sprintf "%d."."%02d" x $#r, @r }; - -diff --git a/cpan/Encode/bin/unidump b/cpan/Encode/bin/unidump -index ae0da30..f190827 100644 ---- a/cpan/Encode/bin/unidump -+++ b/cpan/Encode/bin/unidump -@@ -1,5 +1,6 @@ - #!./perl - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use Encode; - use Getopt::Std; -diff --git a/cpan/ExtUtils-MakeMaker/bin/instmodsh b/cpan/ExtUtils-MakeMaker/bin/instmodsh -index e551434..b3b109f 100644 ---- a/cpan/ExtUtils-MakeMaker/bin/instmodsh -+++ b/cpan/ExtUtils-MakeMaker/bin/instmodsh -@@ -1,5 +1,6 @@ - #!/usr/bin/perl -w - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use IO::File; - use ExtUtils::Packlist; -diff --git a/cpan/IO-Compress/bin/zipdetails b/cpan/IO-Compress/bin/zipdetails -index 0249850..1b9c70a 100644 ---- a/cpan/IO-Compress/bin/zipdetails -+++ b/cpan/IO-Compress/bin/zipdetails -@@ -5,6 +5,7 @@ - # Display info on the contents of a Zip file - # - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use warnings ; - -diff --git a/cpan/JSON-PP/bin/json_pp b/cpan/JSON-PP/bin/json_pp -index df9d243..896cd2f 100644 ---- a/cpan/JSON-PP/bin/json_pp -+++ b/cpan/JSON-PP/bin/json_pp -@@ -1,5 +1,6 @@ - #!/usr/bin/perl - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use Getopt::Long; - -diff --git a/cpan/Test-Harness/bin/prove b/cpan/Test-Harness/bin/prove -index 6637cc4..d71b238 100644 ---- a/cpan/Test-Harness/bin/prove -+++ b/cpan/Test-Harness/bin/prove -@@ -1,5 +1,6 @@ - #!/usr/bin/perl -w - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use warnings; - use App::Prove; -diff --git a/dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp b/dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp -index e2ac71a..d596cdf 100644 ---- a/dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp -+++ b/dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp -@@ -1,5 +1,6 @@ - #!perl - use 5.006; -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - eval { - require ExtUtils::ParseXS; -diff --git a/dist/Module-CoreList/corelist b/dist/Module-CoreList/corelist -index aa4a945..bbe61cc 100644 ---- a/dist/Module-CoreList/corelist -+++ b/dist/Module-CoreList/corelist -@@ -130,6 +130,7 @@ requested perl versions. - - =cut - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use Module::CoreList; - use Getopt::Long qw(:config no_ignore_case); - use Pod::Usage; -diff --git a/ext/Pod-Html/bin/pod2html b/ext/Pod-Html/bin/pod2html -index b022859..7d1d232 100644 ---- a/ext/Pod-Html/bin/pod2html -+++ b/ext/Pod-Html/bin/pod2html -@@ -216,6 +216,7 @@ This program is distributed under the Artistic License. - - =cut - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use Pod::Html; - - pod2html @ARGV; -diff --git a/utils/c2ph.PL b/utils/c2ph.PL -index 13389ec..cef0b5c 100644 ---- a/utils/c2ph.PL -+++ b/utils/c2ph.PL -@@ -280,6 +280,7 @@ Anyway, here it is. Should run on perl v4 or greater. Maybe less. - - $RCSID = '$Id: c2ph,v 1.7 95/10/28 10:41:47 tchrist Exp Locker: tchrist $'; - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use File::Temp; - - ###################################################################### -diff --git a/utils/h2ph.PL b/utils/h2ph.PL -index 55c1f72..300b756 100644 ---- a/utils/h2ph.PL -+++ b/utils/h2ph.PL -@@ -36,6 +36,8 @@ $Config{startperl} - - print OUT <<'!NO!SUBS!'; - -+BEGIN { pop @INC if $INC[-1] eq '.' } -+ - use strict; - - use Config; -diff --git a/utils/h2xs.PL b/utils/h2xs.PL -index 268f680..f95ee0c 100644 ---- a/utils/h2xs.PL -+++ b/utils/h2xs.PL -@@ -35,6 +35,8 @@ $Config{startperl} - - print OUT <<'!NO!SUBS!'; - -+BEGIN { pop @INC if $INC[-1] eq '.' } -+ - use warnings; - - =head1 NAME -diff --git a/utils/libnetcfg.PL b/utils/libnetcfg.PL -index 59a2de8..26d2f99 100644 ---- a/utils/libnetcfg.PL -+++ b/utils/libnetcfg.PL -@@ -97,6 +97,7 @@ Jarkko Hietaniemi, conversion into libnetcfg for inclusion into Perl 5.8. - - # $Id: Configure,v 1.8 1997/03/04 09:22:32 gbarr Exp $ - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use strict; - use IO::File; - use Getopt::Std; -diff --git a/utils/perlbug.PL b/utils/perlbug.PL -index 885785a..ae8c343 100644 ---- a/utils/perlbug.PL -+++ b/utils/perlbug.PL -@@ -57,6 +57,7 @@ print OUT <<'!NO!SUBS!'; - my @patches = Config::local_patches(); - my $patch_tags = join "", map /(\S+)/ ? "+$1 " : (), @patches; - -+BEGIN { pop @INC if $INC[-1] eq '.' } - use warnings; - use strict; - use Config; -diff --git a/utils/perldoc.PL b/utils/perldoc.PL -index e201de9..cd60bd4 100644 ---- a/utils/perldoc.PL -+++ b/utils/perldoc.PL -@@ -44,7 +44,10 @@ $Config{startperl} - # This "$file" file was generated by "$0" - - require 5; --BEGIN { \$^W = 1 if \$ENV{'PERLDOCDEBUG'} } -+BEGIN { -+ \$^W = 1 if \$ENV{'PERLDOCDEBUG'}; -+ pop \@INC if \$INC[-1] eq '.'; -+} - use Pod::Perldoc; - exit( Pod::Perldoc->run() ); - -diff --git a/utils/perlivp.PL b/utils/perlivp.PL -index cc49f96..696a44e 100644 ---- a/utils/perlivp.PL -+++ b/utils/perlivp.PL -@@ -39,6 +39,8 @@ print OUT "\n# perlivp $^V\n"; - - print OUT <<'!NO!SUBS!'; - -+BEGIN { pop @INC if $INC[-1] eq '.' } -+ - sub usage { - warn "@_\n" if @_; - print << " EOUSAGE"; -diff --git a/utils/splain.PL b/utils/splain.PL -index 9c70b61..cae84a0 100644 ---- a/utils/splain.PL -+++ b/utils/splain.PL -@@ -38,6 +38,12 @@ $Config{startperl} - if \$running_under_some_shell; - !GROK!THIS! - -+print <<'!NO!SUBS!'; -+ -+BEGIN { pop @INC if $INC[-1] eq '.' } -+ -+!NO!SUBS! -+ - while (<IN>) { - print OUT unless /^package diagnostics/; - } --- -2.8.1 - |