rpms/perl-Net-SSLeay/devel perl-Net-SSLeay-1.2.5-CVE-2005-0106.patch, NONE, 1.1 perl-Net-SSLeay.spec, 1.6, 1.7
Jose Pedro Oliveira (jpo)
fedora-extras-commits at redhat.com
Sat Jan 28 02:07:57 UTC 2006
Author: jpo
Update of /cvs/extras/rpms/perl-Net-SSLeay/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13993
Modified Files:
perl-Net-SSLeay.spec
Added Files:
perl-Net-SSLeay-1.2.5-CVE-2005-0106.patch
Log Message:
- CVE-2005-0106: patch from Mandriva
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:023
- Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0106
http://www.ubuntu.com/usn/usn-113-1
perl-Net-SSLeay-1.2.5-CVE-2005-0106.patch:
--- NEW FILE perl-Net-SSLeay-1.2.5-CVE-2005-0106.patch ---
--- Net_SSLeay.pm-1.25/SSLeay.pm.cve-2005-0106 2006-01-25 12:37:11.540102265 -0700
+++ Net_SSLeay.pm-1.25/SSLeay.pm 2006-01-25 12:38:16.994260984 -0700
@@ -1853,8 +1853,8 @@
my ($rn_seed_file, $seed, $egd_path) = @_;
my $rnsf = defined($rn_seed_file) && -r $rn_seed_file;
+ $egd_path = '';
$egd_path = $ENV{'EGD_PATH'} if $ENV{'EGD_PATH'};
- $egd_path = '/tmp/entropy' unless $egd_path;
RAND_seed(rand() + $$); # Stir it with time and pid
@@ -1865,7 +1865,7 @@
RAND_load_file($rn_seed_file, -s _) if $rnsf;
RAND_seed($seed) if $seed;
RAND_seed($ENV{RND_SEED}) if $ENV{RND_SEED};
- RAND_egd($egd_path) if -S $egd_path;
+ RAND_egd($egd_path) if -e $egd_path && -S $egd_path;
RAND_load_file($Net::SSLeay::random_device, $Net::SSLeay::how_random/8)
if -r $Net::SSLeay::random_device;
}
Index: perl-Net-SSLeay.spec
===================================================================
RCS file: /cvs/extras/rpms/perl-Net-SSLeay/devel/perl-Net-SSLeay.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- perl-Net-SSLeay.spec 15 Jan 2006 12:25:16 -0000 1.6
+++ perl-Net-SSLeay.spec 28 Jan 2006 02:07:50 -0000 1.7
@@ -1,6 +1,6 @@
Name: perl-Net-SSLeay
Version: 1.30
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Perl extension for using OpenSSL
Group: Development/Libraries
@@ -8,11 +8,12 @@
URL: http://search.cpan.org/dist/Net_SSLeay.pm/
Source0: http://www.cpan.org/authors/id/F/FL/FLORA/Net_SSLeay.pm-%{version}.tar.gz
Patch0: %{name}-test14.patch
+Patch1: perl-Net-SSLeay-1.2.5-CVE-2005-0106.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: perl
BuildRequires: openssl-devel
-Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
Provides: perl-Net_SSLeay = %{version}-%{release}
%description
@@ -26,6 +27,7 @@
%prep
%setup -q -n Net_SSLeay.pm-%{version}
%patch0 -p0
+%patch1 -p1
cp -p Net-SSLeay-Handle-*/Changes Changes.Net-SSLeay-Handle
chmod -c 644 examples/*
%{__perl} -pi -e 's|/usr/local/bin/perl|%{__perl}|' examples/*.pl
@@ -65,6 +67,10 @@
%changelog
+* Fri Jan 27 2006 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.30-2
+- CVE-2005-0106: patch from Mandriva
+ http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:023
+
* Sun Jan 15 2006 Ville Skyttä <ville.skytta at iki.fi> - 1.30-1
- 1.30.
- Optionally run the test suite during build with "--with tests".
More information about the fedora-extras-commits
mailing list