Accepting request 1103914 from devel:languages:perl

OBS-URL: https://build.opensuse.org/request/show/1103914
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/perl-LWP-Protocol-https?expand=0&rev=17

CVE-2014-3230.patch

@@ -1,40 +0,0 @@
-From 1b924708663f457a4f7c25ed35d7dfb3bb5b334d Mon Sep 17 00:00:00 2001
-From: Steffen Ullrich <Steffen_Ullrich@genua.de>
-Date: Sat, 3 May 2014 23:04:36 +0200
-Subject: [PATCH 1/3] Debian #746576 - don't disale verification if only
- hostnames should not be verified
-
----
- lib/LWP/Protocol/https.pm | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
-===================================================================
---- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm
-+++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm
-@@ -21,7 +21,11 @@ sub _extra_sock_opts
- 	$ssl_opts{SSL_verifycn_scheme} = 'www';
-     }
-     else {
--	$ssl_opts{SSL_verify_mode} = 0;
-+	if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) {
-+	    $ssl_opts{SSL_verifycn_scheme} = '';
-+	} else {
-+	    $ssl_opts{SSL_verifycn_scheme} = 'none';
-+	}
-     }
-     my $suse_allows_mozilla_ca = 0;
-     if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) {
-Index: LWP-Protocol-https-6.06/t/https_proxy.t
-===================================================================
---- LWP-Protocol-https-6.06.orig/t/https_proxy.t
-+++ LWP-Protocol-https-6.06/t/https_proxy.t
-@@ -66,7 +66,7 @@ my %ua;
- $ua{noproxy} = LWP::UserAgent->new(
-     keep_alive => 10, # size of connection cache
-     # server does not know the expected name and returns generic certificate
--    ssl_opts => { verify_hostname => 0 }
-+    ssl_opts => { verify_hostname => 0, SSL_ca_file => $cafile, }
- );
- 
- $ua{proxy} = LWP::UserAgent->new(

LWP-Protocol-https-6.09-systemca.diff

@@ -1,24 +1,14 @@
-diff -ur LWP-Protocol-https-6.09/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.09_fix/lib/LWP/Protocol/https.pm
---- LWP-Protocol-https-6.09/lib/LWP/Protocol/https.pm	2020-07-16 15:33:07.000000000 +0200
-+++ LWP-Protocol-https-6.09_fix/lib/LWP/Protocol/https.pm	2020-10-15 15:56:49.380284037 +0200
-@@ -22,7 +22,8 @@
-     else {
- 	$ssl_opts{SSL_verify_mode} = 0;
+diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm
+index 16fce19..b1a18df 100644
+--- a/lib/LWP/Protocol/https.pm
++++ b/lib/LWP/Protocol/https.pm
+@@ -28,7 +28,8 @@ sub _extra_sock_opts
+             $ssl_opts{SSL_verifycn_scheme} = 'none';
+         }
      }
 -    if ($ssl_opts{SSL_verify_mode}) {
 +    my $suse_allows_mozilla_ca = 0;
 +    if ($suse_allows_mozilla_ca && $ssl_opts{SSL_verify_mode}) {
- 	unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
- 	    eval {
- 		require Mozilla::CA;
-diff -ur LWP-Protocol-https-6.09/Makefile.PL LWP-Protocol-https-6.09_fix/Makefile.PL
---- LWP-Protocol-https-6.09/Makefile.PL	2020-07-16 15:33:07.000000000 +0200
-+++ LWP-Protocol-https-6.09_fix/Makefile.PL	2020-10-15 15:56:08.235630479 +0200
-@@ -22,7 +22,6 @@
-     "IO::Socket::SSL" => "1.54",
-     "LWP::Protocol::http" => 0,
-     "LWP::UserAgent" => "6.06",
--    "Mozilla::CA" => 20180117,
-     "Net::HTTPS" => 6,
-     "base" => 0,
-     "strict" => 0
+         unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) {
+             if ($Net::HTTPS::SSL_SOCKET_CLASS eq 'IO::Socket::SSL'
+                 && defined &IO::Socket::SSL::default_ca

LWP-Protocol-https-6.11.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0132ddbf03661565ca85050f2a5094fb9263cbbc3ccb1a4d9c41ac9bb083b917
+size 32599

cpanspec.yml

@@ -8,7 +8,6 @@ patches:
  # patch for using system certificates
  "%{cpan_name}-6.09-systemca.diff": -p1
  # see https://github.com/libwww-perl/lwp-protocol-https/pull/14
- CVE-2014-3230.patch: -p1
 #preamble: |-
 # BuildRequires:  gcc-c++
 #post_prep: |-

perl-LWP-Protocol-https.changes

@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Fri Aug 11 16:36:32 UTC 2023 - Tina Müller <tina.mueller@suse.com>
+
+- Remove CVE-2014-3230.patch, upstream was fixed. CVE-2014-3230, Debian #746576
+
+-------------------------------------------------------------------
+Fri Aug 11 16:30:24 UTC 2023 - Tina Müller <tina.mueller@suse.com>
+
+- Update LWP-Protocol-https-6.09-systemca.diff
+
+-------------------------------------------------------------------
+Mon Jul 10 03:06:48 UTC 2023 - Tina Müller <timueller+perl@suse.de>
+
+- updated to 6.11
+   see /usr/share/doc/packages/perl-LWP-Protocol-https/Changes
+
+  6.11      2023-07-09 15:10:30Z
+      - Remove Authority section from dist.ini (GH#64) (Olaf Alders)
+      - Add very basic diagnostic information via test (GH#73) (Olaf Alders)
+      - CVE-2014-3230 - don't disable verification if only hostnames should not
+        (GH#14) (Steffen Ullrich)
+      - Make explicit requirement of Mozilla::CA obsolete (GH#72) (Steffen
+        Ullrich and Olaf Alders)
+      - Remove _in_san and _cn_match. Empty out the _check_sock hook (GH#71)
+        (Chase Whitener)
+      - Use warnings (GH#69) (Pete Houston)
+
 -------------------------------------------------------------------
 Fri Dec 18 03:07:41 UTC 2020 - Tina Müller <timueller+perl@suse.de>
 

perl-LWP-Protocol-https.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package perl-LWP-Protocol-https
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,35 +16,35 @@
 #
 
 
-Name:           perl-LWP-Protocol-https
-Version:        6.10
-Release:        0
 %define cpan_name LWP-Protocol-https
-Summary:        Provide https support for LWP::UserAgent
+Name:           perl-LWP-Protocol-https
+Version:        6.110.0
+Release:        0
+%define cpan_version 6.11
 License:        Artistic-1.0 OR GPL-1.0-or-later
-Group:          Development/Libraries/Perl
+Summary:        Provide https support for LWP::UserAgent
 URL:            https://metacpan.org/release/%{cpan_name}
-Source0:        https://cpan.metacpan.org/authors/id/O/OA/OALDERS/%{cpan_name}-%{version}.tar.gz
+Source0:        https://cpan.metacpan.org/authors/id/O/OA/OALDERS/%{cpan_name}-%{cpan_version}.tar.gz
 Source1:        cpanspec.yml
 Patch0:         %{cpan_name}-6.09-systemca.diff
-Patch1:         CVE-2014-3230.patch
 BuildArch:      noarch
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  perl
 BuildRequires:  perl-macros
-BuildRequires:  perl(IO::Socket::SSL) >= 1.54
+BuildRequires:  perl(IO::Socket::SSL) >= 1.970
 BuildRequires:  perl(IO::Socket::SSL::Utils)
 BuildRequires:  perl(LWP::Protocol::http)
 BuildRequires:  perl(LWP::UserAgent) >= 6.06
-#BuildRequires:  perl(Mozilla::CA) >= 20180117
 BuildRequires:  perl(Net::HTTPS) >= 6
 BuildRequires:  perl(Test::More) >= 0.96
+BuildRequires:  perl(Test::Needs) >= 0.002010
 BuildRequires:  perl(Test::RequiresInternet)
-Requires:       perl(IO::Socket::SSL) >= 1.54
+Requires:       perl(IO::Socket::SSL) >= 1.970
 Requires:       perl(LWP::Protocol::http)
 Requires:       perl(LWP::UserAgent) >= 6.06
-#Requires:       perl(Mozilla::CA) >= 20180117
 Requires:       perl(Net::HTTPS) >= 6
+Provides:       perl(LWP::Protocol::https) = 6.110.0
+Provides:       perl(LWP::Protocol::https::Socket) = 6.110.0
+%define         __perllib_provides /bin/true
 %{perl_requires}
 
 %description
@@ -66,13 +66,11 @@ their dependency on LWP::Protocol::https and will no longer need to know
 what underlying modules to install.
 
 %prep
-%setup -q -n %{cpan_name}-%{version}
-%patch0 -p1
-%patch1 -p1
+%autosetup  -n %{cpan_name}-%{cpan_version} -p1
 
 %build
 perl Makefile.PL INSTALLDIRS=vendor
-make %{?_smp_mflags}
+%make_build
 
 %check
 make test
@@ -83,7 +81,6 @@ make test
 %perl_gen_filelist
 
 %files -f %{name}.files
-%defattr(-,root,root,755)
 %doc Changes CONTRIBUTING.md
 %license LICENSE