perl-devel October 2015

perl-devel@lists.fedoraproject.org

8 participants
1309 discussions

[Bug 1209917] New: perl-Module-Signature: arbitrary code execution when verifying module signatures
by Red Hat Bugzilla 21 Jan '16

21 Jan '16

https://bugzilla.redhat.com/show_bug.cgi?id=1209917 Bug ID: 1209917 Summary: perl-Module-Signature: arbitrary code execution when verifying module signatures Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org, perl-maint-list(a)redhat.com, pertusus(a)free.fr Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums from the signed manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process. Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5a… CVE request: http://seclists.org/oss-sec/2015/q2/59 -- You are receiving this mail because: You are on the CC list for the bug.

1 18

[Bug 1209911] New: perl-Module-Signature: unsigned files interpreted as signed in some circumstances
by Red Hat Bugzilla 21 Jan '16

21 Jan '16

https://bugzilla.redhat.com/show_bug.cgi?id=1209911 Bug ID: 1209911 Summary: perl-Module-Signature: unsigned files interpreted as signed in some circumstances Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org, perl-maint-list(a)redhat.com, pertusus(a)free.fr Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. Upstream fix: https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5a… CVE request: http://seclists.org/oss-sec/2015/q2/59 -- You are receiving this mail because: You are on the CC list for the bug.

1 16

[Bug 860445] New: RFE - please maintain perl-Curses-UI for EPEL
by Red Hat Bugzilla 11 Jan '16

11 Jan '16

https://bugzilla.redhat.com/show_bug.cgi?id=860445 Bug ID: 860445 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: david.hannequin(a)gmail.com, perl-devel(a)lists.fedoraproject.org Assignee: david.hannequin(a)gmail.com Summary: RFE - please maintain perl-Curses-UI for EPEL Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: admiller(a)redhat.com Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: perl-Curses-UI Product: Fedora I would like to request perl-Curses-UI be maintained within EPEL, if you would prefer not to then I would happily do so. Thank you, -AdamM -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1231204] New: perl-Data-Dump-Streamer-2.38-4.fc23: FTBFS with Perl 5.22
by Red Hat Bugzilla 24 Dec '15

24 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1231204 Bug ID: 1231204 Summary: perl-Data-Dump-Streamer-2.38-4.fc23: FTBFS with Perl 5.22 Product: Fedora Version: rawhide Component: perl-Data-Dump-Streamer Assignee: psabata(a)redhat.com Reporter: jplesnik(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, perl-devel(a)lists.fedoraproject.org, psabata(a)redhat.com External Bug ID: CPAN 102369 External Bug ID: CPAN 102369 Created attachment 1038027 --> https://bugzilla.redhat.com/attachment.cgi?id=1038027&action=edit Build log The build of perl-Data-Dump-Streamer failed during Perl 5.22 mass rebuild with following errors: Subroutine B::OP::parent redefined at /usr/lib64/perl5/vendor_perl/B/Utils.pm line 186. # Failed test 'data slots (glob/FORMAT)' # at t/test_helper.pl line 114. # Failed test 'data slots (ref/FORMAT)' # at t/test_helper.pl line 114. # Error: # data slots (blessed FORMAT) subtest Expected failed to return the expected result: # Expected Result # 1 = # format F = | # format F = # 2 = # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # 3 ! # $off, $width, $bits, $val, $res * # use warnings; # 4 + > # ; $off, $width, $bits, $val, $res # 5 = # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # 6 = # $off, $width, $bits, $val, $res | # $off, $width, $bits, $val, $res Got <<'EXPECT'; $Thank_YSTH1 = bless( do{ local *F; my $F=<<'_EOF_FORMAT_'; $F=~s/^\s+# //mg; eval $F; die $F.$@ if $@; *F{FORMAT}; # format F = # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # use warnings; # ; $off, $width, $bits, $val, $res # vec($_,@#,@#) = @<< == @######### @>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # $off, $width, $bits, $val, $res # . _EOF_FORMAT_ }, 'Thank::YSTH' ); EXPECT # Failed test 'data slots (blessed FORMAT)' # at t/test_helper.pl line 561. # Looks like you failed 3 tests of 19. t/globtest.t ........ # Failed test '' # at t/test_helper.pl line 114. # Looks like you failed 1 test of 7. t/madness.t ......... Subroutine B::OP::parent redefined at /usr/lib64/perl5/vendor_perl/B/Utils.pm line 186. # Failed test '' # at t/test_helper.pl line 114. # Looks like you failed 1 test of 7. t/madness_json.t .... -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1265702] New: Upgrade perl-Encode-JISX0213 to 0.04
by Red Hat Bugzilla 22 Dec '15

22 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1265702 Bug ID: 1265702 Summary: Upgrade perl-Encode-JISX0213 to 0.04 Product: Fedora Version: rawhide Component: perl-Encode-JISX0213 Keywords: FutureFeature Assignee: ppisar(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com, psabata(a)redhat.com Latest Fedora delivers 0.03 version. Upstream released 0.04. Please upgrade. -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1222327] New: bugzilla-4.2.13-1.fc20: invalid utf-8 emails
by Red Hat Bugzilla 22 Dec '15

22 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1222327 Bug ID: 1222327 Summary: bugzilla-4.2.13-1.fc20: invalid utf-8 emails Product: Fedora Version: 20 Component: bugzilla Assignee: itamar(a)ispbrasil.com.br Reporter: dushistov(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: bazanluis20(a)gmail.com, emmanuel(a)seyman.fr, itamar(a)ispbrasil.com.br, perl-devel(a)lists.fedoraproject.org Created attachment 1026475 --> https://bugzilla.redhat.com/attachment.cgi?id=1026475&action=edit patch to fix problem Description of problem: I set preference of bugzilla to send email notifications in utf-8 encoding. But in email that send bugzilla to me, was just: "Content-Type: text/plain" and "Content-Type: text/html" no note about encoding, so email client do not show message at all. Version-Release number of selected component (if applicable): bugzilla-4.2.13-1.fc20.noarch How reproducible: Steps to Reproduce: 1. set utf-8 preference 2. create bug and submit update with not English letters 3. Actual results: email notification is useless in bugzilla Expected results: I can see content of emails that send bugzilla to me. Additional info: I fixed this problem by patch (see attachment), part of it I borrow from trunk/master of bugzilla. -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1265601] New: Biber crashes on unicode characters
by Red Hat Bugzilla 21 Dec '15

21 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1265601 Bug ID: 1265601 Summary: Biber crashes on unicode characters Product: Fedora Version: 22 Component: biber Assignee: cbm(a)m.fsf.org Reporter: gregoire(a)fripost.org QA Contact: extras-qa(a)fedoraproject.org CC: cbm(a)m.fsf.org, mefoster(a)gmail.com, novyjindrich(a)gmail.com, perl-devel(a)lists.fedoraproject.org Created attachment 1076155 --> https://bugzilla.redhat.com/attachment.cgi?id=1076155&action=edit Bib file that shows the problem Description of problem: If some unicode characters are present in the .bib file, biber crashes without explanation. Version-Release number of selected component (if applicable): biber 1.8 How reproducible: Easy Steps to Reproduce: 1. Save attached test.bib somewhere 2. run biber --tool bad.bib Actual results: biber stops with exitcode 25 after logging "INFO - Found BibTeX data source 'bad.bib'" and the generated bad_bibertool.bib is empty Expected results: Biber should finish without error and the output file should contain the entry. Using the attached good.bib works, where only the unicode charaters have been removed. Additional info: The same thing happens if biber is not run in --tool mode but in the process of building a document with latex. -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1271121] New: Upgrade perl-Starlet to 0.26
by Red Hat Bugzilla 18 Dec '15

18 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1271121 Bug ID: 1271121 Summary: Upgrade perl-Starlet to 0.26 Product: Fedora Version: rawhide Component: perl-Starlet Keywords: FutureFeature Assignee: rc040203(a)freenet.de Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, rc040203(a)freenet.de Latest Fedora delivers 0.25 version. Upstream released 0.26. Please upgrade. Also please enable release monitoring service to receive notification about future releases. -- You are receiving this mail because: You are on the CC list for the bug.

1 11

[Bug 1271117] New: Upgrade perl-HTML-Format to 2.12
by Red Hat Bugzilla 18 Dec '15

18 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1271117 Bug ID: 1271117 Summary: Upgrade perl-HTML-Format to 2.12 Product: Fedora Version: rawhide Component: perl-HTML-Format Keywords: FutureFeature Assignee: rc040203(a)freenet.de Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: lxtnow(a)gmail.com, perl-devel(a)lists.fedoraproject.org, rc040203(a)freenet.de Latest Fedora delivers 2.11 version. Upstream release 2.12. Please upgrade. Also please enable release monitoring service to receive notifications about future releases. -- You are receiving this mail because: You are on the CC list for the bug.

1 8

[Bug 1265701] New: Upgrade perl-Encode-JIS2K to 0.03
by Red Hat Bugzilla 15 Dec '15

15 Dec '15

https://bugzilla.redhat.com/show_bug.cgi?id=1265701 Bug ID: 1265701 Summary: Upgrade perl-Encode-JIS2K to 0.03 Product: Fedora Version: rawhide Component: perl-Encode-JIS2K Keywords: FutureFeature Assignee: xavier(a)bachelot.org Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, xavier(a)bachelot.org Latest Fedora delivers 0.02 version. Upstream released 0.03. Please upgrade. Also please enable release monitoring service to receive notifications about future releases. -- You are receiving this mail because: You are on the CC list for the bug.

1 1

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel October 2015