openwrt-packages-dist

46 MiB

Author	SHA1	Message	Date
Philip Prindeville	77c738c54f	perl: update to 5.28.1 Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	6 years ago
Philip Prindeville	4a94479f96	perl: update to 5.26.1 Required changes: * Add qualifying '.' to scripts or to @INC, as appropriate since we're enabling default_inc_excludes_dot; * Add new platform/library definitions like double-double format and locale library functions/headers; * Delete patch 020 as it's been upstreamed; Optional changes: * Instead of using -@rm and having that fail, emit an error message, and be ignored, just use @rm -f instead which will always succeed. Security [CVE-2017-12837] Heap buffer overflow in regular expression compiler Compiling certain regular expression patterns with the case-insensitive modifier could cause a heap buffer overflow and crash perl. This has now been fixed. [perl #131582] [CVE-2017-12883] Buffer over-read in regular expression parser For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. This has now been fixed. [perl #131598] [CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. [perl #131665] Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	7 years ago
Michail Frolov	571a810fd4	lang/perl: Upgraded to Perl 5.24.1 Signed-off-by: Michail Frolov <frolovm@pobox.com>	8 years ago
Jo-Philipp Wich	f73e358558	perl: ensure File::Spec::canonpath() preserves taint [CVE-2015-8607] Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath() routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. This defect was found and reported by David Golden of MongoDB, and a patch was provided by Tony Cook. References: * https://rt.perl.org/Public/Bug/Display.html?id=126862 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>	9 years ago
Marcel Denia	3aaaede7b2	perl: Reorganize patches The old scheme didn't make any sense...not that there was a scheme really. Signed-off-by: Marcel Denia <naoir@gmx.net>	9 years ago
Marcel Denia	4c57844f0f	lang/perl: Add hack to make perl always use miniperl during build Signed-off-by: Marcel Denia <naoir@gmx.net>	10 years ago

5 Commits (fb7ed3d996b6a6c398aed1eec09efbf9f33b0372)