From 3f7e55baa6b65b39c5698bb58320f85876cebe23 Mon Sep 17 00:00:00 2001
From: Robert Yang
Date: Wed, 17 Jun 2015 00:19:42 -0700
Subject: perl: 5.20.0 -> 5.22.0
* Remove: - perl-5.14.3-fix-CVE-2010-4777.patch: backport - fix-FF_MORE-crash.patch: backport - perl-rprovides.inc: it was introduced by 5.8.7, the lines in it are like: RPROVIDES_perl-module-b-asmdata = "perl-module-${TARGET_SYS}-b-asmdata" If some packages do RPDEND on something like perl-module-${TARGET_SYS}-b-asmdatam, we need update the package rather than keep use RPROVIDES in perl-rprovides.inc, so remove it. - perl-rprovides_5.20.0.inc: it only has one line: RPROVIDES_perl-module-module-build, but the perl-module-module-build is gone in 5.22.0, so remove it.
* Update: - debian patches from http://ftp.de.debian.org/debian/pool/main/p/perl/perl_5.20.0-1.debian.tar.xz - Makefile.SH.patch - Merge 0001-Makefile.SH-fix-do_install-failed.patch into Makefile.SH.patch - native-nopacklist.patch - config.sh
* The CGI.pm and Module::Build disappear from core, so no perl-module-module-build.rpm any more, more info: http://perltricks.com/article/165/2015/4/10/A-preview-of-Perl-5-22
(From OE-Core rev: 06d43a90acbe63baea62d220659149a3ff2f9198)
Signed-off-by: Robert Yang
Signed-off-by: Richard Purdie
---
.../perl-5.14.3-fix-CVE-2010-4777.patch | 45 ----------------------
1 file changed, 45 deletions(-)
delete mode 100644 meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch
(limited to 'meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch')
diff --git a/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch b/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch
deleted file mode 100644
index e0dcf412bb..0000000000
--- a/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-perl:fix for CVE-2010-4777
-
-Upstream-Status: Backport
-
-The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0,
-5.14.0, and other versions, when running with debugging enabled,
-allows context-dependent attackers to cause a denial of service
-(assertion failure and application exit) via crafted input that
-is not properly handled when using certain regular expressions,
-as demonstrated by causing SpamAssassin and OCSInventory to
-crash.
-
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777
-
-Signed-off-by: yanjun.zhu
---- a/regcomp.c
-+++ b/regcomp.c
-@@ -11868,8 +11868,25 @@ Perl_save_re_context(pTHX)
-
- if (gvp) {
- GV * const gv = *gvp;
-- if (SvTYPE(gv) == SVt_PVGV && GvSV(gv))
-- save_scalar(gv);
-+ if (SvTYPE(gv) == SVt_PVGV && GvSV(gv)) {
-+ /* this is a copy of save_scalar() without the GETMAGIC call, RT#76538 */
-+ SV ** const sptr = &GvSVn(gv);
-+ SV * osv = *sptr;
-+ SV * nsv = newSV(0);
-+ save_pushptrptr(SvREFCNT_inc_simple(gv),
-+ SvREFCNT_inc(osv), SAVEt_SV);
-+ if (SvTYPE(osv) >= SVt_PVMG && SvMAGIC(osv) &&
-+ SvTYPE(osv) != SVt_PVGV) {
-+ if (SvGMAGICAL(osv)) {
-+ const bool oldtainted = PL_tainted;
-+ SvFLAGS(osv) |= (SvFLAGS(osv) &
-+ (SVp_IOK|SVp_NOK|SVp_POK)) >> PRIVSHIFT;
-+ PL_tainted = oldtainted;
-+ }
-+ mg_localize(osv, nsv, 1);
-+ }
-+ *sptr = nsv;
-+ }
- }
- }
- }
--
cgit v1.2.3-54-g00ecf