[perl-PAR/f16] CVE-2011-4114 for PAR renamed to CVE-2011-5060
Petr Pisar
ppisar at fedoraproject.org
Mon Jan 16 09:14:45 UTC 2012
commit 3065bf8e6ac90693bee483c870946aa4e3ddfeb4
Author: Petr Písař <ppisar at redhat.com>
Date: Mon Jan 16 10:13:34 2012 +0100
CVE-2011-4114 for PAR renamed to CVE-2011-5060
...114.patch => perl-PAR-1.002-CVE-2011-5060.patch | 2 +-
perl-PAR.spec | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/perl-PAR-1.002-CVE-2011-4114.patch b/perl-PAR-1.002-CVE-2011-5060.patch
similarity index 99%
rename from perl-PAR-1.002-CVE-2011-4114.patch
rename to perl-PAR-1.002-CVE-2011-5060.patch
index 4db8a94..2931223 100644
--- a/perl-PAR-1.002-CVE-2011-4114.patch
+++ b/perl-PAR-1.002-CVE-2011-5060.patch
@@ -1,4 +1,4 @@
-Fix CVE-2011-4114
+Fix CVE-2011-5060
From: r1305 | rschupp | 2011-11-28 17:39:44 +0100 (Po, 28 lis 2011) | 7 lines
RT #69560/CVE-2011-4114: PAR packed files are extracted to unsafe and
diff --git a/perl-PAR.spec b/perl-PAR.spec
index 23a6f2a..4df80ad 100644
--- a/perl-PAR.spec
+++ b/perl-PAR.spec
@@ -6,8 +6,8 @@ License: GPL+ or Artistic
Group: Development/Libraries
URL: http://search.cpan.org/dist/PAR/
Source0: http://www.cpan.org/authors/id/S/SM/SMUELLER/PAR-%{version}.tar.gz
-# Fix CVE-2011-4114, bug #760132, included in upstream 1.004.
-Patch0: perl-PAR-1.002-CVE-2011-4114.patch
+# Fix CVE-2011-5060, bug #760132, included in upstream 1.004.
+Patch0: perl-PAR-1.002-CVE-2011-5060.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
BuildRequires: perl(Archive::Zip) >= 1
@@ -57,7 +57,7 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Thu Dec 01 2011 Petr Pisar <ppisar at redhat.com> - 1.002-5
-- Fix CVE-2011-4114 (insecure temporary directory handling) (bug #760132)
+- Fix CVE-2011-5060 (insecure temporary directory handling) (bug #760132)
* Tue Jul 19 2011 Petr Sabata <contyk at redhat.com> - 1.002-4
- Perl mass rebuild
More information about the perl-devel
mailing list