diff --git a/perl-5.30.1.tar.xz b/perl-5.30.1.tar.xz deleted file mode 100644 index fa93a44..0000000 --- a/perl-5.30.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7336cd3ed0535eb61b76a71350effcfa7c88b44faf37d64d70952ced5d38cd35 -size 12367844 diff --git a/perl-5.30.3.tar.xz b/perl-5.30.3.tar.xz new file mode 100644 index 0000000..256d602 --- /dev/null +++ b/perl-5.30.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6967595f2e3f3a94544c35152f9a25e0cb8ea24ae45f4bf1882f2e33f4a400f4 +size 12375128 diff --git a/perl-Adapt-Configure-to-GCC-version-10.patch b/perl-Adapt-Configure-to-GCC-version-10.patch deleted file mode 100644 index ba88491..0000000 --- a/perl-Adapt-Configure-to-GCC-version-10.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 6bd6308fcea3541e505651bf8e8127a4a03d22cd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Tue, 12 Nov 2019 09:19:18 +0100 -Subject: [PATCH] Adapt Configure to GCC version 10 - -I got a notice from Jeff Law : - - Your particular package fails its testsuite. This was ultimately - tracked down to a Configure problem. The perl configure script treated - gcc-10 as gcc-1 and turned on -fpcc-struct-return. This is an ABI - changing flag and caused Perl to not be able to interact properly with - the dbm libraries on the system leading to a segfault. - -His proposed patch corrected only this one instance of the version -mismatch. Reading the Configure script revealed more issues. This -patch fixes all of them I found. - ---- - Configure | 14 +++++++------- - cflags.SH | 2 +- - 2 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/Configure b/Configure -index 684a9c0..7a8dbef 100755 ---- a/Configure -+++ b/Configure -@@ -4696,7 +4696,7 @@ else - fi - $rm -f try try.* - case "$gccversion" in --1*) cpp=`./loc gcc-cpp $cpp $pth` ;; -+1.*) cpp=`./loc gcc-cpp $cpp $pth` ;; - esac - case "$gccversion" in - '') gccosandvers='' ;; -@@ -4736,7 +4736,7 @@ esac - # gcc 3.* complain about adding -Idirectories that they already know about, - # so we will take those off from locincpth. - case "$gccversion" in --3*) -+3.*) - echo "main(){}">try.c - for incdir in $locincpth; do - warn=`$cc $ccflags -I$incdir -c try.c 2>&1 | \ -@@ -5462,13 +5462,13 @@ fi - case "$hint" in - default|recommended) - case "$gccversion" in -- 1*) dflt="$dflt -fpcc-struct-return" ;; -+ 1.*) dflt="$dflt -fpcc-struct-return" ;; - esac - case "$optimize:$DEBUGGING" in - *-g*:old) dflt="$dflt -DDEBUGGING";; - esac - case "$gccversion" in -- 2*) if $test -d /etc/conf/kconfig.d && -+ 2.*) if $test -d /etc/conf/kconfig.d && - $contains _POSIX_VERSION $usrinc/sys/unistd.h >/dev/null 2>&1 - then - # Interactive Systems (ISC) POSIX mode. -@@ -5477,7 +5477,7 @@ default|recommended) - ;; - esac - case "$gccversion" in -- 1*) ;; -+ 1.*) ;; - 2.[0-8]*) ;; - ?*) set strict-aliasing -fno-strict-aliasing - eval $checkccflag -@@ -5595,7 +5595,7 @@ case "$cppflags" in - ;; - esac - case "$gccversion" in --1*) cppflags="$cppflags -D__GNUC__" -+1.*) cppflags="$cppflags -D__GNUC__" - esac - case "$mips_type" in - '');; -@@ -23180,7 +23180,7 @@ fi - - : add -D_FORTIFY_SOURCE if feasible and not already there - case "$gccversion" in --[456789].*) case "$optimize$ccflags" in -+[456789].*|[1-9][0-9]*) case "$optimize$ccflags" in - *-O*) case "$ccflags$cppsymbols" in - *_FORTIFY_SOURCE=*) # Don't add it again. - echo "You seem to have -D_FORTIFY_SOURCE already, not adding it." >&4 -diff --git a/cflags.SH b/cflags.SH -index e60742f..f1bcd6c 100755 ---- a/cflags.SH -+++ b/cflags.SH -@@ -156,7 +156,7 @@ esac - - case "$gccversion" in - '') ;; --[12]*) ;; # gcc versions 1 (gasp!) and 2 are not good for this. -+[12].*) ;; # gcc versions 1 (gasp!) and 2 are not good for this. - Intel*) ;; # # Is that you, Intel C++? - # - # NOTE 1: the -std=c89 without -pedantic is a bit pointless. diff --git a/perl.changes b/perl.changes index 81f52ea..4c577d0 100644 --- a/perl.changes +++ b/perl.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Fri Sep 11 15:35:00 UTC 2020 - Dirk Mueller + +- update to 5.30.3 (bsc#1171863, bsc#1171864, bsc#1171866): + * https://perldoc.perl.org/5.30.3/perl5302delta.html + * https://perldoc.perl.org/5.30.3/perldelta.html + * fixes [CVE-2020-10543] buffer overflow caused by a crafted + regular expression + * fixes [CVE-2020-10878] integer overflow via malformed bytecode + produced by a crafted regular expression + * fixes [CVE-2020-12723] buffer overflow caused by a crafted + regular expression +- dropped patches: + * perl-Adapt-Configure-to-GCC-version-10.patch + ------------------------------------------------------------------- Wed Aug 5 09:19:11 UTC 2020 - Thorsten Kukuk diff --git a/perl.spec b/perl.spec index 88fdc78..e4a6c48 100644 --- a/perl.spec +++ b/perl.spec @@ -16,10 +16,10 @@ # -%define pversion 5.30.1 -%global versionlist %nil +%define pversion 5.30.3 +%global versionlist 5.30.1 Name: perl -Version: 5.30.1 +Version: 5.30.3 Release: 0 Summary: The Perl interpreter License: Artistic-1.0 OR GPL-2.0-or-later @@ -49,8 +49,6 @@ Patch15: perl-gdbm-test-no-mmap.diff Patch17: perl-fix2020.patch # PATCH-FIX-UPSTREAM unmerged https://www.nntp.perl.org/group/perl.perl5.porters/2018/12/msg253240.html Patch18: perl-reproducible2.patch -# PATCH-FIX-UPSTREAM https://github.com/Perl/perl5/commit/6bd6308fcea3541e505651bf8e8127a4a03d22cd Fix detection of GCC 10 compiler and later -Patch19: perl-Adapt-Configure-to-GCC-version-10.patch BuildRequires: db-devel BuildRequires: gdbm-devel BuildRequires: libbz2-devel @@ -62,6 +60,7 @@ Suggests: perl-doc = %{version} Provides: perl-500 Provides: perl-Filter-Simple = 0.95 Provides: perl(:MODULE_COMPAT_%{pversion}) +Provides: perl(:MODULE_COMPAT_5.30.1) Obsoletes: perl-Filter-Simple <= 0.95 Provides: perl-I18N-LangTags = 0.43 Obsoletes: perl-I18N-LangTags <= 0.43 @@ -185,7 +184,6 @@ cp -p %{SOURCE3} . %patch15 %patch17 %patch18 -%patch19 -p1 %build %define _lto_cflags %{nil}