pool/perl-DateTime-Locale
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 972539 from devel:languages:perl:autoupdate

Browse Source 
- updated to 1.35
   see /usr/share/doc/packages/perl-DateTime-Locale/Changes
  1.35     2022-04-23
  - The code passed to DateTime::Locale->load is now validated and untainted
    before using it to load and eval data from the filesystem. I don't think
    there were any security issues without this, as the load method would only
    attempt to load data from disk if the code was already known. This means
    that attempting to pass in any sort of arbitrary path to the load method
    would simply result in an error that the code was invalid, and there would
    be no attempt to read from disk. Based on GH #30. Implemented by James
    Raspass.

OBS-URL: https://build.opensuse.org/request/show/972539
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-DateTime-Locale?expand=0&rev=72
This commit is contained in:
Stephan Kulow 2022-04-28 05:09:33 +00:00 committed by Git OBS Bridge
parent d4c6d70957
commit cd38addb4d
4 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
DateTime-Locale-1.34.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b3c4db7d0afba9762315379f1e64d798ff21fc99f987e8cfedc07a2f7cf20340
size 1505096

3
DateTime-Locale-1.35.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6104a15626331b521746a8ab30c1d978420b3347c235ee52c2e6de5ce2113aac
size 1505857

17
perl-DateTime-Locale.changes
View File

@ -1,3 +1,20 @@
-------------------------------------------------------------------
Sun Apr 24 03:06:18 UTC 2022 - Tina Müller <timueller+perl@suse.de>
- updated to 1.35
see /usr/share/doc/packages/perl-DateTime-Locale/Changes
1.35 2022-04-23
- The code passed to DateTime::Locale->load is now validated and untainted
before using it to load and eval data from the filesystem. I don't think
there were any security issues without this, as the load method would only
attempt to load data from disk if the code was already known. This means
that attempting to pass in any sort of arbitrary path to the load method
would simply result in an error that the code was invalid, and there would
be no attempt to read from disk. Based on GH #30. Implemented by James
Raspass.
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Apr 9 03:06:18 UTC 2022 - Tina Müller <timueller+perl@suse.de> Sat Apr 9 03:06:18 UTC 2022 - Tina Müller <timueller+perl@suse.de>

6
perl-DateTime-Locale.spec
View File

@ -18,10 +18,10 @@
%define cpan_name DateTime-Locale %define cpan_name DateTime-Locale
Name: perl-DateTime-Locale Name: perl-DateTime-Locale
Version: 1.340000 Version: 1.350000
Release: 0 Release: 0
%define cpan_version 1.34 %define cpan_version 1.35
Provides: perl(DateTime::Locale) = 1.340000 Provides: perl(DateTime::Locale) = 1.350000
License: Artistic-1.0 OR GPL-1.0-or-later License: Artistic-1.0 OR GPL-1.0-or-later
Summary: Localization support for DateTime.pm Summary: Localization support for DateTime.pm
URL: https://metacpan.org/release/%{cpan_name} URL: https://metacpan.org/release/%{cpan_name}