!10 [sync] PR-9: fix CVE-2023-31484

From: @openeuler-sync-bot 
Reviewed-by: @openeuler-basic 
Signed-off-by: @openeuler-basic

backport-CVE-2023-31484.patch

@@ -0,0 +1,25 @@
+From 9c98370287f4e709924aee7c58ef21c85289a7f0 Mon Sep 17 00:00:00 2001
+From: Stig Palmquist <git@stig.io>
+Date: Tue, 28 Feb 2023 11:54:06 +0100
+Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server
+ identity
+
+---
+ lib/CPAN/HTTP/Client.pm | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/CPAN/HTTP/Client.pm b/lib/CPAN/HTTP/Client.pm
+index 4fc792c..a616fee 100644
+--- a/lib/CPAN/HTTP/Client.pm
++++ b/lib/CPAN/HTTP/Client.pm
+@@ -32,6 +32,7 @@ sub mirror {
+ 
+     my $want_proxy = $self->_want_proxy($uri);
+     my $http = HTTP::Tiny->new(
++        verify_SSL => 1,
+         $want_proxy ? (proxy => $self->{proxy}) : ()
+     );
+ 
+-- 
+2.33.0
+

perl-CPAN.spec

@@ -1,12 +1,14 @@
 Name:           perl-CPAN
 Version:        2.27
-Release:        3
+Release:        4
 Summary:        Query, download and build perl modules from CPAN sites
 License:        GPL+ or Artistic
 URL:            https://metacpan.org/release/CPAN
 Source0:        https://cpan.metacpan.org/authors/id/A/AN/ANDK/CPAN-%{version}.tar.gz
 BuildArch:      noarch
 
+Patch1:      	backport-CVE-2023-31484.patch
+
 BuildRequires:  coreutils findutils perl(Test::Pod) perl(Test::Pod::Coverage) >= 0.18
 BuildRequires:  perl-interpreter perl-generators perl(ExtUtils::MakeMaker)
 BuildRequires:  perl(Test::More) perl(YAML) perl(Module::Build)
@@ -41,7 +43,7 @@ Bundles simplify handling of sets of related modules.
 %package_help
 
 %prep
-%setup -q -n CPAN-%{version}
+%autosetup -n CPAN-%{version} -p1
 
 %build
 perl Makefile.PL INSTALLDIRS=vendor NO_PERLLOCAL=1 NO_PACKLIST=1
@@ -64,6 +66,9 @@ make test
 %{_mandir}/man3/*
 
 %changelog
+* Tue Jul 4 2023 yanglongkang <yanglongkang@h-partners.com> - 2.27-4
+- fix CVE-2023-31484
+
 * Tue Jan 14 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.27-3
 - revise requires