diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 20:57:42 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 20:57:42 +0100 |
commit | 1798c4aeca70ac8d0a243684d6a798fbc65735f8 (patch) | |
tree | e48e19cb6fa03de18e1c63e1a93371b7ebc4eb56 /dev-perl/LWP-Protocol-https/files | |
parent | d87262dd706fec50cd150aab3e93883b6337466d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'dev-perl/LWP-Protocol-https/files')
4 files changed, 0 insertions, 139 deletions
diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch deleted file mode 100644 index 1eb26d2e4092..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-CVE-2014-3230.patch +++ /dev/null @@ -1,22 +0,0 @@ -Source: https://bugzilla.redhat.com/show_bug.cgi?id=1094440 - -This patch combines the following two: -https://bugzilla.redhat.com/attachment.cgi?id=894747 -https://bugzilla.redhat.com/attachment.cgi?id=894748 - -diff -ruN LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm ---- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm 2014-04-18 18:33:26.000000000 +0200 -+++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm 2014-10-26 23:57:27.714303175 +0100 -@@ -21,7 +21,11 @@ - $ssl_opts{SSL_verifycn_scheme} = 'www'; - } - else { -- $ssl_opts{SSL_verify_mode} = 0; -+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) { -+ $ssl_opts{SSL_verifycn_scheme} = ''; -+ } else { -+ $ssl_opts{SSL_verifycn_scheme} = 'none'; -+ } - } - if ($ssl_opts{SSL_verify_mode}) { - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch deleted file mode 100644 index 55163a097835..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.60.0-etcsslcerts.patch +++ /dev/null @@ -1,33 +0,0 @@ -See https://bugs.gentoo.org/358081 - - -diff -ruN LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm ---- LWP-Protocol-https-6.06.orig/lib/LWP/Protocol/https.pm 2014-04-18 18:33:26.000000000 +0200 -+++ LWP-Protocol-https-6.06/lib/LWP/Protocol/https.pm 2014-10-27 00:04:50.604802937 +0100 -@@ -25,25 +25,7 @@ - } - if ($ssl_opts{SSL_verify_mode}) { - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { -- eval { -- require Mozilla::CA; -- }; -- if ($@) { -- if ($@ =! /^Can't locate Mozilla\/CA\.pm/) { -- $@ = <<'EOT'; --Can't verify SSL peers without knowing which Certificate Authorities to trust -- --This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE --environment variable or by installing the Mozilla::CA module. -- --To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME --environment variable to 0. If you do this you can't be sure that you --communicate with the expected peer. --EOT -- } -- die $@; -- } -- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); -+ $ssl_opts{SSL_ca_path} = '/etc/ssl/certs'; - } - } - $self->{ssl_opts} = \%ssl_opts; diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch deleted file mode 100644 index 781d72ee03e9..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-CVE-2014-3230.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 67de137e737e4fa92d0cb746bdc8474d7bb5e000 Mon Sep 17 00:00:00 2001 -From: Kent Fredric <kentnl@gentoo.org> -Date: Tue, 21 Mar 2017 10:11:32 +1300 -Subject: Use SSL_verifycn_scheme instead of disabling SSL_verify_mode - -Re: CVE-2014-3230 - -Redhat Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1094440 - -Combines: https://bugzilla.redhat.com/attachment.cgi?id=894747 - https://bugzilla.redhat.com/attachment.cgi?id=894748 ---- - lib/LWP/Protocol/https.pm | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm -index f8ab398..ba69966 100644 ---- a/lib/LWP/Protocol/https.pm -+++ b/lib/LWP/Protocol/https.pm -@@ -21,7 +21,12 @@ sub _extra_sock_opts - $ssl_opts{SSL_verifycn_scheme} = 'www'; - } - else { -- $ssl_opts{SSL_verify_mode} = 0; -+ if ( $Net::HTTPS::SSL_SOCKET_CLASS eq 'Net::SSL' ) { -+ $ssl_opts{SSL_verifycn_scheme} = ''; -+ } -+ else { -+ $ssl_opts{SSL_verifycn_scheme} = 'none'; -+ } - } - if ($ssl_opts{SSL_verify_mode}) { - unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { --- -2.12.0 - diff --git a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch b/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch deleted file mode 100644 index 2553c7949af9..000000000000 --- a/dev-perl/LWP-Protocol-https/files/LWP-Protocol-https-6.70.0-etcsslcerts.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 9baa19987f93284be254415d15db56c599e52e1e Mon Sep 17 00:00:00 2001 -From: Kent Fredric <kentnl@gentoo.org> -Date: Tue, 21 Mar 2017 10:07:35 +1300 -Subject: Ensure using System Certificates instead of Mozilla-CA - -Bug: https://bugs.gentoo.org/358081 ---- - lib/LWP/Protocol/https.pm | 24 +++--------------------- - 1 file changed, 3 insertions(+), 21 deletions(-) - -diff --git a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm -index ed4d832..f8ab398 100644 ---- a/lib/LWP/Protocol/https.pm -+++ b/lib/LWP/Protocol/https.pm -@@ -24,27 +24,9 @@ sub _extra_sock_opts - $ssl_opts{SSL_verify_mode} = 0; - } - if ($ssl_opts{SSL_verify_mode}) { -- unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { -- eval { -- require Mozilla::CA; -- }; -- if ($@) { -- if ($@ =~ /^Can't locate Mozilla\/CA\.pm/) { -- $@ = <<'EOT'; --Can't verify SSL peers without knowing which Certificate Authorities to trust -- --This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE --environment variable or by installing the Mozilla::CA module. -- --To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME --environment variable to 0. If you do this you can't be sure that you --communicate with the expected peer. --EOT -- } -- die $@; -- } -- $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); -- } -+ unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { -+ $ssl_opts{SSL_ca_path} = '/etc/ssl/certs'; -+ } - } - $self->{ssl_opts} = \%ssl_opts; - return (%ssl_opts, $self->SUPER::_extra_sock_opts); --- -2.12.0 - |