pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2025Q1] pkgsrc/lang/perl5
Module Name: pkgsrc
Committed By: maya
Date: Mon Apr 14 13:06:38 UTC 2025
Modified Files:
pkgsrc/lang/perl5 [pkgsrc-2025Q1]: Makefile.common distinfo
Log Message:
Pullup ticket #6958 - requested by wiz
lang/perl5: Security fix
Revisions pulled up:
- lang/perl5/Makefile.common 1.51
- lang/perl5/distinfo 1.189
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Apr 14 05:26:48 UTC 2025
Modified Files:
pkgsrc/lang/perl5: Makefile.common distinfo
Log Message:
perl: update to 5.40.2.
[CVE-2024-56406] Heap buffer overflow vulnerability with tr//
A heap buffer overflow vulnerability was discovered in Perl.
When there are non-ASCII bytes in the left-hand-side of the C<tr> operator,
C<S_do_trans_invmap()> can overflow the destination pointer C<d>.
$ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'
Segmentation fault (core dumped)
It is believed that this vulnerability can enable Denial of Service or
Arbitrary Code Execution attacks on platforms that lack sufficient defenses.
Discovered by: Nathan Mills.
<Module::CoreList> has been upgraded from version 5.20250118_40 to 5.20250413_40.
To generate a diff of this commit:
cvs rdiff -u -r1.50 -r1.50.2.1 pkgsrc/lang/perl5/Makefile.common
cvs rdiff -u -r1.188 -r1.188.2.1 pkgsrc/lang/perl5/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/perl5/Makefile.common
diff -u pkgsrc/lang/perl5/Makefile.common:1.50 pkgsrc/lang/perl5/Makefile.common:1.50.2.1
--- pkgsrc/lang/perl5/Makefile.common:1.50 Tue Feb 11 12:30:15 2025
+++ pkgsrc/lang/perl5/Makefile.common Mon Apr 14 13:06:38 2025
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.50 2025/02/11 12:30:15 ryoon Exp $
+# $NetBSD: Makefile.common,v 1.50.2.1 2025/04/14 13:06:38 maya Exp $
#
# used by lang/perl5/Makefile
# used by databases/p5-gdbm/Makefile
-DISTNAME= perl-5.40.1
+DISTNAME= perl-5.40.2
CATEGORIES= lang devel perl5
MASTER_SITES= ${MASTER_SITE_PERL_CPAN:S,/modules/by-module/$,/src/5.0/,}
DISTFILES+= ${DISTNAME}${EXTRACT_SUFX}
Index: pkgsrc/lang/perl5/distinfo
diff -u pkgsrc/lang/perl5/distinfo:1.188 pkgsrc/lang/perl5/distinfo:1.188.2.1
--- pkgsrc/lang/perl5/distinfo:1.188 Tue Feb 18 11:49:55 2025
+++ pkgsrc/lang/perl5/distinfo Mon Apr 14 13:06:38 2025
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.188 2025/02/18 11:49:55 wiz Exp $
+$NetBSD: distinfo,v 1.188.2.1 2025/04/14 13:06:38 maya Exp $
-BLAKE2s (perl-5.40.1.tar.xz) = 8991d9896844fcdedf79c1c001785605f1e17969dc942f4c248fb1403a0a3556
-SHA512 (perl-5.40.1.tar.xz) = 3ff16b3462ce43ff38dab21b3dfc20f81772b8c9eac19ab96ba2d5e6cbb390e2302fa76c4879f915249357cd11c7ec0d548bcbf3ab2c156df1b9fca95da3f545
-Size (perl-5.40.1.tar.xz) = 13930924 bytes
+BLAKE2s (perl-5.40.2.tar.xz) = 0d924b3c48afb28b02dee7e250ee79f6c1993333e34d4cee5de16476f81fd224
+SHA512 (perl-5.40.2.tar.xz) = 1324b119e4370bbeb47a343d152f46c637addb0373ff07f0e214aa9d5912c03cd2bd23987a6e86d43453166412d3a03a52e780201941f679ef4186df16590e41
+Size (perl-5.40.2.tar.xz) = 13923524 bytes
SHA1 (patch-Configure) = f3bd324a90254405b3ce8e29846b4ddc9ebf7d73
SHA1 (patch-Makefile.SH) = 56203aea57c429a94760f039a978463b8859b0a9
SHA1 (patch-builtin.c) = 7ac5821ab3f4c9ae29d2cbe9db0407560aee2328
Home |
Main Index |
Thread Index |
Old Index