[perl-Module-Signature] Update to 0.73
Paul Howarth
pghmcfc at fedoraproject.org
Fri Jun 7 18:09:36 UTC 2013
commit 6e82801dba0654c3af0e6f4e0c923f0241cc59a8
Author: Paul Howarth <paul at city-fan.org>
Date: Fri Jun 7 19:08:44 2013 +0100
Update to 0.73
- New upstream release 0.73
- Constrain the user-specified digest name to /^\w+\d+$/
- Only allow loading Digest::* from absolute paths in @INC (CVE-2013-2145)
perl-Module-Signature.spec | 11 ++++++++---
sources | 2 +-
2 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/perl-Module-Signature.spec b/perl-Module-Signature.spec
index 1a6df26..5d589af 100644
--- a/perl-Module-Signature.spec
+++ b/perl-Module-Signature.spec
@@ -1,6 +1,6 @@
Name: perl-Module-Signature
-Version: 0.70
-Release: 2%{?dist}
+Version: 0.73
+Release: 1%{?dist}
Summary: CPAN signature management utilities and modules
Group: Development/Libraries
License: CC0
@@ -20,12 +20,12 @@ BuildRequires: perl(Digest::SHA)
BuildRequires: perl(Digest::SHA1)
BuildRequires: perl(Exporter)
BuildRequires: perl(ExtUtils::Manifest)
+BuildRequires: perl(File::Spec)
BuildRequires: perl(IO::Socket::INET)
BuildRequires: perl(Text::Diff)
# Test suite
BuildRequires: perl(Data::Dumper)
BuildRequires: perl(File::Path)
-BuildRequires: perl(File::Spec)
BuildRequires: perl(Getopt::Long)
BuildRequires: perl(IPC::Run)
BuildRequires: perl(lib)
@@ -85,6 +85,11 @@ rm -rf %{buildroot}
%{_mandir}/man3/Module::Signature.3pm*
%changelog
+* Fri Jun 7 2013 Paul Howarth <paul at city-fan.org> - 0.73-1
+- Update to 0.73
+ - Constrain the user-specified digest name to /^\w+\d+$/
+ - Only allow loading Digest::* from absolute paths in @INC (CVE-2013-2145)
+
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.70-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
diff --git a/sources b/sources
index 1eaa3d4..4ff8323 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-c13eabb8c2e6b12fd098710a81185ac6 Module-Signature-0.70.tar.gz
+de27bbca948ba8a13a7f614414cb623d Module-Signature-0.73.tar.gz
More information about the perl-devel
mailing list