Accepting request 494775 from home:coolo:branches:openSUSE:Factory

- Fix building with zlib-1.2.10 (RT#119762): * Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch - Update to perl-5.24.1 -Di switch is now required for PerlIO debugging output Previously PerlIO debugging output would be sent to the file specified by the "PERLIO_DEBUG" environment variable if perl wasn't running setuid and the -T or -t switches hadn't been parsed yet. If perl performed output at a point where it hadn't yet parsed its switches this could result in perl creating or overwriting the file named by "PERLIO_DEBUG" even when the -T switch had been supplied. Perl now requires the -Di switch to produce PerlIO debugging output. By default this is written to "stderr", but can optionally be redirected to a file by setting the "PERLIO_DEBUG" environment variable. If perl is running setuid or the -T switch was supplied "PERLIO_DEBUG" is ignored and the debugging output is sent to "stderr" as for any other -D switch. Core modules and tools no longer search "." for optional modules The tools and many modules supplied in core no longer search the default current directory entry in @INC for optional modules. For example, Storable will remove the final "." from @INC before trying to load Log::Agent. This prevents an attacker injecting an optional module into a process run by another user where the current directory is writable by the attacker, e.g. the /tmp directory. - Refresh patches OBS-URL: https://build.opensuse.org/request/show/494775 OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl?expand=0&rev=148
2017-05-17 10:00:29 +00:00
parent 9ea3534c08
commit 73e2f4545b
14 changed files with 441 additions and 260 deletions
--- a/perl.changes
+++ b/perl.changes
@@ -1,3 +1,43 @@
+-------------------------------------------------------------------
+Wed May 10 13:52:26 UTC 2017 - mpluskal@suse.com
+
+- Fix building with zlib-1.2.10 (RT#119762):
+  * Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch
+
+-------------------------------------------------------------------
+Wed May  3 13:51:56 UTC 2017 - coolo@suse.com
+
+- Update to perl-5.24.1
+
+  -Di switch is now required for PerlIO debugging output
+    Previously PerlIO debugging output would be sent to the file specified
+    by the "PERLIO_DEBUG" environment variable if perl wasn't running setuid
+    and the -T or -t switches hadn't been parsed yet.
+
+    If perl performed output at a point where it hadn't yet parsed its
+    switches this could result in perl creating or overwriting the file
+    named by "PERLIO_DEBUG" even when the -T switch had been supplied.
+
+    Perl now requires the -Di switch to produce PerlIO debugging output. By
+    default this is written to "stderr", but can optionally be redirected to
+    a file by setting the "PERLIO_DEBUG" environment variable.
+
+    If perl is running setuid or the -T switch was supplied "PERLIO_DEBUG"
+    is ignored and the debugging output is sent to "stderr" as for any other
+    -D switch.
+
+  Core modules and tools no longer search "." for optional modules
+    The tools and many modules supplied in core no longer search the default
+    current directory entry in @INC for optional modules. For example,
+    Storable will remove the final "." from @INC before trying to load
+    Log::Agent.
+
+    This prevents an attacker injecting an optional module into a process
+    run by another user where the current directory is writable by the
+    attacker, e.g. the /tmp directory.
+
+- Refresh patches
+
 -------------------------------------------------------------------
 Sun Jun 26 08:45:05 UTC 2016 - schwab@suse.de