diff options
author | Lee Chee Yang <chee.yang.lee@intel.com> | 2023-12-14 20:32:51 +0800 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-12-21 05:17:55 -1000 |
commit | 8efd61ccb1964360444ed6eba9b88e20e2ee5953 (patch) | |
tree | b9ab47736fed46d0c79938044330d25405035514 /meta/recipes-devtools/perl/files/CVE-2023-31484.patch | |
parent | 43fa25ea6fd7c783aabdfe4cbc71b2eb3666b195 (diff) | |
download | poky-8efd61ccb1964360444ed6eba9b88e20e2ee5953.tar.gz |
perl: fix CVE-2023-31484/47038/47100
import patch from ubuntu
http://archive.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.30.0-9ubuntu0.5.debian.tar.xz
fix:
CVE-2023-31484
CVE-2023-47038
CVE-2023-47100
as per https://ubuntu.com/security/CVE-2023-47100 ,
CVE-2023-47100 is duplicate of CVE-2023-47038.
perl import entire CPAN in single commit,
hence backport fix from their upstream cpan instead.
(From OE-Core rev: 74861848ba0d3ba920ef54f016240807ba42682a)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/perl/files/CVE-2023-31484.patch')
-rw-r--r-- | meta/recipes-devtools/perl/files/CVE-2023-31484.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/files/CVE-2023-31484.patch b/meta/recipes-devtools/perl/files/CVE-2023-31484.patch new file mode 100644 index 0000000000..0fea7bf8a8 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2023-31484.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | CVE: CVE-2023-31484 | ||
2 | Upstream-Status: Backport [ import from Ubuntu perl_5.30.0-9ubuntu0.5 | ||
3 | upstream https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0 ] | ||
4 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
5 | |||
6 | From 9c98370287f4e709924aee7c58ef21c85289a7f0 Mon Sep 17 00:00:00 2001 | ||
7 | From: Stig Palmquist <git@stig.io> | ||
8 | Date: Tue, 28 Feb 2023 11:54:06 +0100 | ||
9 | Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server | ||
10 | identity | ||
11 | |||
12 | --- | ||
13 | lib/CPAN/HTTP/Client.pm | 1 + | ||
14 | 1 file changed, 1 insertion(+) | ||
15 | |||
16 | diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm | ||
17 | index 4fc792c26..a616fee20 100644 | ||
18 | --- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm | ||
19 | +++ b/cpan/CPAN/lib/CPAN/HTTP/Client.pm | ||
20 | @@ -32,6 +32,7 @@ sub mirror { | ||
21 | |||
22 | my $want_proxy = $self->_want_proxy($uri); | ||
23 | my $http = HTTP::Tiny->new( | ||
24 | + verify_SSL => 1, | ||
25 | $want_proxy ? (proxy => $self->{proxy}) : () | ||
26 | ); | ||
27 | |||