pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/www/ap2-perl
Module Name: pkgsrc
Committed By: adam
Date: Tue Jun 4 13:48:40 UTC 2013
Modified Files:
pkgsrc/www/ap2-perl: Makefile distinfo
Log Message:
Changes 2.0.8:
Perl 5.16.3's fix for a rehash-based DoS makes it more difficult to invoke
the workaround for the old hash collision attack, which breaks mod_perl's
t/perl/hash_attack.t. Patch from rt.cpan.org 83916 improves the fix
previously applied as revision 1455340.
On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has
disappeared. Patch to update mod_perl accordingly from rt.cpan.org 83921.
Restore build with Perl 5.8.1, 5.8.2 etc: take care to use
$Config{useithreads} rather than $Config{usethreads}, and supply definitions
of Newx and Newxz as necessary.
On Perl 5.17.9, t/apache/read2.t fails because an "uninitialized value"
warning is generated for the buffer being autovivified. This is because
the sv_setpvn() that's meant to vivify the buffer doesn't perform set
magic; the warning is generated by the immediately following SvPV_force().
Patch to fix this from rt.cpan.org 83922.
Fix t/perl/hash_attack.t to work with Perl 5.14.4, 5.16.3 etc, which
contain a fix for CVE-2013-1667 (memory exhaustion with arbitrary hash
keys). This resolves rt.perl.org 116863, from where the patch was taken.
use APR::Finfo instead of Perl's stat() in ModPerl::RegistryCooker to
generate HTTP code 404 even if the requested filename contains newlines
Remove all uses of deprecated core perl symbols.
Add branch release tag to 'make tag' target
To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/www/ap2-perl/Makefile
cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/ap2-perl/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index