[perl-YAML-LibYAML] Update to 0.54
Paul Howarth
pghmcfc at fedoraproject.org
Sun Nov 30 18:11:50 UTC 2014
commit b6c7bcd3567bd2009685b91ae20ab6f081353a5c
Author: Paul Howarth <paul at city-fan.org>
Date: Sun Nov 30 18:09:28 2014 +0000
Update to 0.54
- New upstream release 0.54
- Fix for an edge case in scanner that results in an assert() failing
(https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure)
- Drop upstreamed patches for CVE-2013-6393 and CVE-2014-2525
YAML-LibYAML-0.41-CVE-2013-6393.patch | 177 ---------------------------------
YAML-LibYAML-0.41-CVE-2014-2525.patch | 38 -------
perl-YAML-LibYAML.spec | 24 ++---
sources | 2 +-
4 files changed, 12 insertions(+), 229 deletions(-)
---
diff --git a/perl-YAML-LibYAML.spec b/perl-YAML-LibYAML.spec
index 651dbc8..8ea3994 100644
--- a/perl-YAML-LibYAML.spec
+++ b/perl-YAML-LibYAML.spec
@@ -1,14 +1,12 @@
Name: perl-YAML-LibYAML
-Version: 0.52
-Release: 3%{?dist}
+Version: 0.54
+Release: 1%{?dist}
Summary: Perl YAML Serialization using XS and libyaml
License: GPL+ or Artistic
Group: Development/Libraries
URL: http://search.cpan.org/dist/YAML-LibYAML/
Source0: http://search.cpan.org/CPAN/authors/id/I/IN/INGY/YAML-LibYAML-%{version}.tar.gz
Patch0: YAML-LibYAML-0.51-format-error.patch
-Patch1: YAML-LibYAML-0.41-CVE-2014-2525.patch
-Patch2: YAML-LibYAML-0.41-CVE-2013-6393.patch
# Install
BuildRequires: perl
@@ -57,12 +55,6 @@ bound to Python and was later bound to Ruby.
# Fix format string vulnerabilities (CVE-2012-1152, CPAN RT#46507)
%patch0
-# Fix LibYAML input sanitization errors (CVE-2014-2525)
-%patch1
-
-# Fix heap-based buffer overflow when parsing YAML tags (CVE-2013-6393)
-%patch2
-
%build
perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}"
make %{?_smp_mflags}
@@ -81,11 +73,17 @@ make test
%doc Changes CONTRIBUTING README
%{perl_vendorarch}/auto/YAML/
%{perl_vendorarch}/YAML/
-%{_mandir}/man3/YAML::LibYAML.3pm*
-%{_mandir}/man3/YAML::XS.3pm*
-%{_mandir}/man3/YAML::XS::LibYAML.3pm*
+%{_mandir}/man3/YAML::LibYAML.3*
+%{_mandir}/man3/YAML::XS.3*
+%{_mandir}/man3/YAML::XS::LibYAML.3*
%changelog
+* Sun Nov 30 2014 Paul Howarth <paul at city-fan.org> - 0.54-1
+- Update to 0.54
+ - Fix for an edge case in scanner that results in an assert() failing
+ (https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure)
+- Drop upstreamed patches for CVE-2013-6393 and CVE-2014-2525
+
* Tue Nov 18 2014 Jitka Plesnikova <jplesnik at redhat.com> - 0.52-3
- Update BRs (bz#1165198)
diff --git a/sources b/sources
index 2343d2b..08a917a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-3f7fe918153c84e6947e0be5d838e9b1 YAML-LibYAML-0.52.tar.gz
+528f43de6174fecb471b69293c5eb8c3 YAML-LibYAML-0.54.tar.gz
More information about the scm-commits
mailing list