[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Help with Perl security update

From: Leo Famulari
Subject: Help with Perl security update
Date: Mon, 25 Jul 2016 16:00:09 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

I'm trying to patch our Perl package against CVE-2016-1238 and 


This patch uses a graft to apply new patches which are composed of
commits from the 'maint-5.22' branch of

Unfortunately, some of the changes related to CVE-2016-1238 don't apply
to our Perl source code. There are several '.rej' files that look like

--- dist/PathTools/lib/File/
+++ dist/PathTools/lib/File/
@@ -3,7 +3,7 @@ package File::Spec;
 use strict;
 use vars qw(@ISA $VERSION);
-$VERSION = '3.56_01';
+$VERSION = '3.56_02';
 $VERSION =~ tr/_//;
 my %module = (MacOS   => 'Mac',

Any advice?

By the way, I found that we never removed (replacement #f) from
perl-boot0 after removing the previous Perl graft.

Leo Famulari (1):
  gnu: perl: Fix CVE-2016-{1238,6185}.

 gnu/                                  |    2 + 
 gnu/packages/patches/perl-CVE-2016-1238.patch | 3673 +++++++++++++++++++++++++
 gnu/packages/patches/perl-CVE-2016-6185.patch |  208 ++
 gnu/packages/perl.scm                         |   24 +
 4 files changed, 3907 insertions(+)
 create mode 100644 gnu/packages/patches/perl-CVE-2016-1238.patch
 create mode 100644 gnu/packages/patches/perl-CVE-2016-6185.patch

Attachment: 0001-gnu-perl-Fix-CVE-2016-1238-6185.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]