update to perl-5.12.3-RC1, fix CGI injection bugs

OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl?expand=0&rev=53

perl-5.12.2.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a999e0a0312fe20410a62d52fe5a290bb92e1c9bebf35f0d29c3293ded9628da
-size 12349312

perl-5.12.3-RC1.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5a82268951b0957a823f9104e3077e64aae5b856b0bba76ea7becfdbc2d9fe20
+size 12045720

perl-cgi-injection.diff

@@ -0,0 +1,39 @@
+--- ./cpan/CGI/lib/CGI.pm.orig	2010-05-07 13:34:10.000000000 +0000
++++ ./cpan/CGI/lib/CGI.pm	2011-01-12 11:35:33.000000000 +0000
+@@ -1457,7 +1457,13 @@ END_OF_FUNC
+ sub multipart_init {
+     my($self,@p) = self_or_default(@_);
+     my($boundary,@other) = rearrange_header([BOUNDARY],@p);
+-    $boundary = $boundary || '------- =_aaaaaaaaaa0';
++    if (!$boundary) {
++       $boundary = '------- =_';
++       my @chrs = ('0'..'9', 'A'..'Z', 'a'..'z');
++       for (1..17) {
++	   $boundary .= $chrs[rand(scalar @chrs)];
++       }
++    }
+     $self->{'separator'} = "$CRLF--$boundary$CRLF";
+     $self->{'final_separator'} = "$CRLF--$boundary--$CRLF";
+     $type = SERVER_PUSH($boundary);
+@@ -1545,10 +1551,17 @@ sub header {
+     # CR escaping for values, per RFC 822
+     for my $header ($type,$status,$cookie,$target,$expires,$nph,$charset,$attachment,$p3p,@other) {
+         if (defined $header) {
+-            $header =~ s/
+-                (?<=\n)    # For any character proceeded by a newline
+-                (?=\S)     # ... that is not whitespace
+-            / /xg;         # ... inject a leading space in the new line
++            # From RFC 822:
++            # Unfolding  is  accomplished  by regarding   CRLF   immediately
++            # followed  by  a  LWSP-char  as equivalent to the LWSP-char.
++            $header =~ s/$CRLF(\s)/$1/g;
++
++            # All other uses of newlines are invalid input. 
++            if ($header =~ m/$CRLF|\015|\012/) {
++                # shorten very long values in the diagnostic
++                $header = substr($header,0,72).'...' if (length $header > 72);
++                die "Invalid header value contains a newline not followed by whitespace: $header";
++            }
+         }
+     }
+ 

perl.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Fri Jan 14 18:04:16 CET 2011 - mls@suse.de
+
+- update to perl-5.12.3-RC1
+  * bug fix only release
+  * lvalue sub return values are now COW
+- fix CGI injection bugs, CVE-2010-2761, CVE-2010-4410,
+  CVE-2010-4411 [bnc#657343]
+
 -------------------------------------------------------------------
 Tue Nov 30 10:23:06 UTC 2010 - coolo@novell.com
 

perl.spec

@@ -20,14 +20,14 @@
 
 Name:           perl
 Summary:        The Perl interpreter
-Version:        5.12.2
+Version:        5.12.3
 Release:        4
-%define pversion 5.12.2
+%define pversion 5.12.3
 License:        Artistic License .. ; GPLv2+
 Group:          Development/Languages/Perl
 AutoReqProv:    on
 Url:            http://www.perl.org/
-Source:         perl-5.12.2.tar.bz2
+Source:         perl-5.12.3-RC1.tar.bz2
 Source1:        %name-rpmlintrc
 Source2:        macros.perl
 Source3:        README.macros
@@ -42,6 +42,7 @@ Patch7:         perl-Fatal.diff
 Patch8:         perl-constprint.diff
 Patch9:         perl-h2ph.diff
 Patch10:        perl-HiRes.t-timeout.diff
+Patch11:        perl-cgi-injection.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         perl-base = %version
 #PreReq:         %fillup_prereq
@@ -126,7 +127,7 @@ BuildArch:      noarch
 Perl man pages and pod files.
 
 %prep
-%setup -q -n perl-5.12.2
+%setup -q -n perl-5.12.3-RC1
 cp -p %{S:3} .
 %patch0
 %patch1
@@ -140,6 +141,7 @@ cp -p %{S:3} .
 %patch8
 %patch9
 %patch10 -p1
+%patch11
 
 %build
 cp -a lib savelib