pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/www/ap2-perl



Module Name:    pkgsrc
Committed By:   adam
Date:           Tue Jun  4 13:48:40 UTC 2013

Modified Files:
        pkgsrc/www/ap2-perl: Makefile distinfo

Log Message:
Changes 2.0.8:

Perl 5.16.3's fix for a rehash-based DoS makes it more difficult to invoke
the workaround for the old hash collision attack, which breaks mod_perl's
t/perl/hash_attack.t. Patch from rt.cpan.org 83916 improves the fix
previously applied as revision 1455340.

On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has
disappeared. Patch to update mod_perl accordingly from rt.cpan.org 83921.

Restore build with Perl 5.8.1, 5.8.2 etc: take care to use
$Config{useithreads} rather than $Config{usethreads}, and supply definitions
of Newx and Newxz as necessary.

On Perl 5.17.9, t/apache/read2.t fails because an "uninitialized value"
warning is generated for the buffer being autovivified. This is because
the sv_setpvn() that's meant to vivify the buffer doesn't perform set
magic; the warning is generated by the immediately following SvPV_force().
Patch to fix this from rt.cpan.org 83922.

Fix t/perl/hash_attack.t to work with Perl 5.14.4, 5.16.3 etc, which
contain a fix for CVE-2013-1667 (memory exhaustion with arbitrary hash
keys). This resolves rt.perl.org 116863, from where the patch was taken.

use APR::Finfo instead of Perl's stat() in ModPerl::RegistryCooker to
generate HTTP code 404 even if the requested filename contains newlines

Remove all uses of deprecated core perl symbols.

Add branch release tag to 'make tag' target


To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/www/ap2-perl/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/ap2-perl/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index