aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2016-08-16 17:58:09 -0400
committerLeo Famulari <leo@famulari.name>2016-08-17 22:55:15 -0400
commita3d6e1f432ad5f9cde8bee670b28646e05c4cb19 (patch)
treee4416208cdcd0ab0df8167153dd26cc0142fceb0 /gnu/packages/patches
parent9bb1826651cf62cef4448b3bf4d9e55da3a0a8d8 (diff)
downloadguix-a3d6e1f432ad5f9cde8bee670b28646e05c4cb19.tar
guix-a3d6e1f432ad5f9cde8bee670b28646e05c4cb19.tar.gz
gnu: perl: Update to 5.24.0.
* gnu/packages/perl.scm: Update to 5.24.0. [source]: Add and remove patches. * gnu/packages/patches/perl-reproducible-build-date.patch: New file. * gnu/packages/patches/perl-CVE-2015-8607.patch, gnu/packages/patches/perl-CVE-2016-2381.patch, gnu/packages/patches/perl-no-build-time.patch, gnu/packages/patches/perl-source-date-epoch.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Add and remove patches.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/perl-CVE-2015-8607.patch68
-rw-r--r--gnu/packages/patches/perl-CVE-2016-2381.patch116
-rw-r--r--gnu/packages/patches/perl-no-build-time.patch26
-rw-r--r--gnu/packages/patches/perl-reproducible-build-date.patch17
-rw-r--r--gnu/packages/patches/perl-source-date-epoch.patch19
5 files changed, 17 insertions, 229 deletions
diff --git a/gnu/packages/patches/perl-CVE-2015-8607.patch b/gnu/packages/patches/perl-CVE-2015-8607.patch
deleted file mode 100644
index 4c25d41740..0000000000
--- a/gnu/packages/patches/perl-CVE-2015-8607.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 3a629609084d147838368262171b923f0770e564 Mon Sep 17 00:00:00 2001
-From: Tony Cook <tony@develop-help.com>
-Date: Tue, 15 Dec 2015 10:56:54 +1100
-Subject: ensure File::Spec::canonpath() preserves taint
-
-Previously the unix specific XS implementation of canonpath() would
-return an untainted path when supplied a tainted path.
-
-For the empty string case, newSVpvs() already sets taint as needed on
-its result.
-
-This issue was assigned CVE-2015-8607.
-
-Bug: https://rt.perl.org/Ticket/Display.html?id=126862
-Bug-Debian: https://bugs.debian.org/810719
-Origin: upstream
-Patch-Name: fixes/CVE-2015-8607_file_spec_taint_fix.diff
----
- dist/PathTools/Cwd.xs | 1 +
- dist/PathTools/t/taint.t | 19 ++++++++++++++++++-
- 2 files changed, 19 insertions(+), 1 deletion(-)
-
-diff --git a/dist/PathTools/Cwd.xs b/dist/PathTools/Cwd.xs
-index 9d4dcf0..3d018dc 100644
---- a/dist/PathTools/Cwd.xs
-+++ b/dist/PathTools/Cwd.xs
-@@ -535,6 +535,7 @@ THX_unix_canonpath(pTHX_ SV *path)
- *o = 0;
- SvPOK_on(retval);
- SvCUR_set(retval, o - SvPVX(retval));
-+ SvTAINT(retval);
- return retval;
- }
-
-diff --git a/dist/PathTools/t/taint.t b/dist/PathTools/t/taint.t
-index 309b3e5..48f8c5b 100644
---- a/dist/PathTools/t/taint.t
-+++ b/dist/PathTools/t/taint.t
-@@ -12,7 +12,7 @@ use Test::More;
- BEGIN {
- plan(
- ${^TAINT}
-- ? (tests => 17)
-+ ? (tests => 21)
- : (skip_all => "A perl without taint support")
- );
- }
-@@ -34,3 +34,20 @@ foreach my $func (@Functions) {
-
- # Previous versions of Cwd tainted $^O
- is !tainted($^O), 1, "\$^O should not be tainted";
-+
-+{
-+ # [perl #126862] canonpath() loses taint
-+ my $tainted = substr($ENV{PATH}, 0, 0);
-+ # yes, getcwd()'s result should be tainted, and is tested above
-+ # but be sure
-+ ok tainted(File::Spec->canonpath($tainted . Cwd::getcwd)),
-+ "canonpath() keeps taint on non-empty string";
-+ ok tainted(File::Spec->canonpath($tainted)),
-+ "canonpath() keeps taint on empty string";
-+
-+ (Cwd::getcwd() =~ /^(.*)/);
-+ my $untainted = $1;
-+ ok !tainted($untainted), "make sure our untainted value is untainted";
-+ ok !tainted(File::Spec->canonpath($untainted)),
-+ "canonpath() doesn't add taint to untainted string";
-+}
diff --git a/gnu/packages/patches/perl-CVE-2016-2381.patch b/gnu/packages/patches/perl-CVE-2016-2381.patch
deleted file mode 100644
index 99d1944a5d..0000000000
--- a/gnu/packages/patches/perl-CVE-2016-2381.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-Fix CVE-2016-2381 (ambiguous handling of duplicated environment variables).
-
-Copied from upstream:
-http://perl5.git.perl.org/perl.git/commit/ae37b791a73a9e78dedb89fb2429d2628cf58076
-
-References:
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381
-http://www.nntp.perl.org/group/perl.perl5.porters/2016/03/msg234747.html
-https://security-tracker.debian.org/tracker/CVE-2016-2381
-
----
-
-From 1237ea93fb2475a5ae576d5ee1358a5bb4ebe426 Mon Sep 17 00:00:00 2001
-From: Tony Cook <tony@develop-help.com>
-Date: Wed, 27 Jan 2016 11:52:15 +1100
-Subject: remove duplicate environment variables from environ
-
-If we see duplicate environment variables while iterating over
-environ[]:
-
-a) make sure we use the same value in %ENV that getenv() returns.
-
-Previously on a duplicate, %ENV would have the last entry for the name
-from environ[], but a typical getenv() would return the first entry.
-
-Rather than assuming all getenv() implementations return the first entry
-explicitly call getenv() to ensure they agree.
-
-b) remove duplicate entries from environ
-
-Previously if there was a duplicate definition for a name in environ[]
-setting that name in %ENV could result in an unsafe value being passed
-to a child process, so ensure environ[] has no duplicates.
-
-Patch-Name: fixes/CVE-2016-2381_duplicate_env.diff
----
- perl.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++--
- 1 file changed, 49 insertions(+), 2 deletions(-)
-
-diff --git a/perl.c b/perl.c
-index 67d32ce..26aeb91 100644
---- a/perl.c
-+++ b/perl.c
-@@ -4277,23 +4277,70 @@ S_init_postdump_symbols(pTHX_ int argc, char **argv, char **env)
- }
- if (env) {
- char *s, *old_var;
-+ STRLEN nlen;
- SV *sv;
-+ HV *dups = newHV();
-+
- for (; *env; env++) {
- old_var = *env;
-
- if (!(s = strchr(old_var,'=')) || s == old_var)
- continue;
-+ nlen = s - old_var;
-
- #if defined(MSDOS) && !defined(DJGPP)
- *s = '\0';
- (void)strupr(old_var);
- *s = '=';
- #endif
-- sv = newSVpv(s+1, 0);
-- (void)hv_store(hv, old_var, s - old_var, sv, 0);
-+ if (hv_exists(hv, old_var, nlen)) {
-+ const char *name = savepvn(old_var, nlen);
-+
-+ /* make sure we use the same value as getenv(), otherwise code that
-+ uses getenv() (like setlocale()) might see a different value to %ENV
-+ */
-+ sv = newSVpv(PerlEnv_getenv(name), 0);
-+
-+ /* keep a count of the dups of this name so we can de-dup environ later */
-+ if (hv_exists(dups, name, nlen))
-+ ++SvIVX(*hv_fetch(dups, name, nlen, 0));
-+ else
-+ (void)hv_store(dups, name, nlen, newSViv(1), 0);
-+
-+ Safefree(name);
-+ }
-+ else {
-+ sv = newSVpv(s+1, 0);
-+ }
-+ (void)hv_store(hv, old_var, nlen, sv, 0);
- if (env_is_not_environ)
- mg_set(sv);
- }
-+ if (HvKEYS(dups)) {
-+ /* environ has some duplicate definitions, remove them */
-+ HE *entry;
-+ hv_iterinit(dups);
-+ while ((entry = hv_iternext_flags(dups, 0))) {
-+ STRLEN nlen;
-+ const char *name = HePV(entry, nlen);
-+ IV count = SvIV(HeVAL(entry));
-+ IV i;
-+ SV **valp = hv_fetch(hv, name, nlen, 0);
-+
-+ assert(valp);
-+
-+ /* try to remove any duplicate names, depending on the
-+ * implementation used in my_setenv() the iteration might
-+ * not be necessary, but let's be safe.
-+ */
-+ for (i = 0; i < count; ++i)
-+ my_setenv(name, 0);
-+
-+ /* and set it back to the value we set $ENV{name} to */
-+ my_setenv(name, SvPV_nolen(*valp));
-+ }
-+ }
-+ SvREFCNT_dec_NN(dups);
- }
- #endif /* USE_ENVIRON_ARRAY */
- #endif /* !PERL_MICRO */
diff --git a/gnu/packages/patches/perl-no-build-time.patch b/gnu/packages/patches/perl-no-build-time.patch
deleted file mode 100644
index 5d78e8f462..0000000000
--- a/gnu/packages/patches/perl-no-build-time.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Do not record the configuration and build time so that builds can be
-reproduced bit-for-bit.
-
---- perl-5.22.0/Configure 1970-01-01 01:00:00.000000000 +0100
-+++ perl-5.22.0/Configure 2015-12-13 00:14:43.148165080 +0100
-@@ -3834,6 +3817,7 @@ esac
-
- : who configured the system
- cf_time=`LC_ALL=C; LANGUAGE=C; export LC_ALL; export LANGUAGE; $date 2>&1`
-+cf_time='Thu Jan 1 00:00:01 UTC 1970'
- case "$cf_by" in
- "")
- cf_by=`(logname) 2>/dev/null`
-
---- perl-5.22.0/perl.c 2015-12-13 00:25:30.269156627 +0100
-+++ perl-5.22.0/perl.c 2015-12-13 00:25:38.265218175 +0100
-@@ -1795,7 +1795,7 @@ S_Internals_V(pTHX_ CV *cv)
- PUSHs(Perl_newSVpvn_flags(aTHX_ non_bincompat_options,
- sizeof(non_bincompat_options) - 1, SVs_TEMP));
-
--#ifdef __DATE__
-+#if 0
- # ifdef __TIME__
- PUSHs(Perl_newSVpvn_flags(aTHX_
- STR_WITH_LEN("Compiled at " __DATE__ " " __TIME__),
-
diff --git a/gnu/packages/patches/perl-reproducible-build-date.patch b/gnu/packages/patches/perl-reproducible-build-date.patch
new file mode 100644
index 0000000000..d5bd25dbfb
--- /dev/null
+++ b/gnu/packages/patches/perl-reproducible-build-date.patch
@@ -0,0 +1,17 @@
+Don't encode the current timestamp.
+
+This affects the output of `perl -V`, specifically the message "Compiled
+at [...]".
+
+diff --git a/perl.c b/perl.c
+index 228a0d8..ed38313 100644
+--- a/perl.c
++++ b/perl.c
+@@ -1825,6 +1825,7 @@ S_Internals_V(pTHX_ CV *cv)
+ PUSHs(Perl_newSVpvn_flags(aTHX_ non_bincompat_options,
+ sizeof(non_bincompat_options) - 1, SVs_TEMP));
+
++#define PERL_BUILD_DATE "Jan 1 1970 00:00:00"
+ #ifndef PERL_BUILD_DATE
+ # ifdef __DATE__
+ # ifdef __TIME__
diff --git a/gnu/packages/patches/perl-source-date-epoch.patch b/gnu/packages/patches/perl-source-date-epoch.patch
deleted file mode 100644
index 37330c9537..0000000000
--- a/gnu/packages/patches/perl-source-date-epoch.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Adapted from <https://bugs.debian.org/801621>.
-Make Pod::Man honor the SOURCE_DATE_EPOCH environment variable.
-
---- perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:33:03.321787590 +0100
-+++ perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:36:33.367361338 +0100
-@@ -884,7 +884,12 @@ sub devise_date {
- my ($self) = @_;
- my $input = $self->source_filename;
- my $time;
-- if ($input) {
-+
-+ if (defined($ENV{SOURCE_DATE_EPOCH}) &&
-+ $ENV{SOURCE_DATE_EPOCH} !~ /\D/) {
-+ $time = $ENV{SOURCE_DATE_EPOCH};
-+ }
-+ elsif ($input) {
- $time = (stat $input)[9] || time;
- } else {
- $time = time;