packages/perl-Encode
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!9 [sync] PR-8: fix CVE-2021-36770

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @myeuler 
Signed-off-by: @myeuler
This commit is contained in:
openeuler-ci-bot 2022-02-28 09:48:02 +00:00 committed by Gitee
commit fbf053d4d3
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
backport-CVE-2021-36770.patch Normal file
View File

@ -0,0 +1,36 @@
From 527e482dc70b035d0df4f8c77a00d81f8d775c74 Mon Sep 17 00:00:00 2001
From: Dan Kogai <dankogai+github@github.com>
Date: Mon, 9 Aug 2021 23:19:25 +0900
Subject: [PATCH] version 3.12 to address CVE-2021-36770
---
Encode.pm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Encode.pm b/Encode.pm
index de06ba1..0bb44dd 100644
--- a/Encode.pm
+++ b/Encode.pm
@@ -7,7 +7,7 @@ use warnings;
use constant DEBUG => !!$ENV{PERL_ENCODE_DEBUG};
our $VERSION;
BEGIN {
- $VERSION = sprintf "%d.%02d", q$Revision: 3.06 $ =~ /(\d+)/g;
+ $VERSION = sprintf "%d.%02d", q$Revision: 3.12 $ =~ /(\d+)/g;
require XSLoader;
XSLoader::load( __PACKAGE__, $VERSION );
}
@@ -65,8 +65,8 @@ require Encode::Config;
eval {
local $SIG{__DIE__};
local $SIG{__WARN__};
- local @INC = @INC || ();
- pop @INC if $INC[-1] eq '.';
+ local @INC = @INC;
+ pop @INC if @INC && $INC[-1] eq '.';
require Encode::ConfigLocal;
};
--
2.27.0

11
perl-Encode.spec
View File

@ -2,11 +2,14 @@
Name: perl-Encode
Epoch: 4
Version: %{cpan_version}
Release: 1
Release: 2
Summary: Character encodings in Perl
License: (GPL+ or Artistic) and Artistic 2.0 and UCD
URL: https://metacpan.org/release/Encode
Source0: https://cpan.metacpan.org/authors/id/D/DA/DANKOGAI/Encode-%{cpan_version}.tar.gz
Patch6000: backport-CVE-2021-36770.patch
BuildRequires: findutils gcc make perl-devel perl-generators perl-interpreter perl(Config) perl(ExtUtils::MakeMaker) perl(File::Spec) perl(File::Spec::Functions) perl(strict) perl(warnings)
BuildRequires: perl(bytes) perl(Carp) perl(constant) perl(Exporter) perl(File::Basename) perl(File::Find) perl(Filter::Util::Call) perl(Getopt::Long) perl(Getopt::Std)
BuildRequires: perl(MIME::Base64) perl(overload) perl(parent) perl(re) perl(Storable) perl(utf8) perl(vars) perl(XSLoader)
@ -93,6 +96,12 @@ make test
%{_mandir}/man3/Encode::*
%changelog
* Fri Feb 25 2022 wangjiang<wangjiang37@h-partners.com> - 3.06-2
- Type:CVE
- ID:CVE-2021-36770
- SUG:NA
- DESC:fix CVE-2021-36770
* Mon Aug 24 2020 SimpleUpdate Robot <tc@openeuler.org> - 3.06-1
- Upgrade to version 3.06