Resolves: RHEL-56507 - Patch the code to use https instead of http

This commit is contained in:
Jitka Plesnikova 2024-09-24 08:06:07 +02:00
parent 2f63d4303b
commit 9bcded9c66
3 changed files with 24 additions and 2 deletions

View File

@ -1,7 +1,11 @@
# Fedora
--- !Policy --- !Policy
id: fedora_policy
product_versions: product_versions:
- fedora-* - fedora-*
decision_context: bodhi_update_push_stable decision_contexts:
- bodhi_update_push_testing
- bodhi_update_push_stable
subject_type: koji_build subject_type: koji_build
rules: rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}

View File

@ -1,6 +1,6 @@
Name: perl-App-cpanminus Name: perl-App-cpanminus
Version: 1.7047 Version: 1.7047
Release: 4%{?dist} Release: 5%{?dist}
Summary: Get, unpack, build and install CPAN modules Summary: Get, unpack, build and install CPAN modules
# Other files: GPL+ or Artistic # Other files: GPL+ or Artistic
## unbundled ## unbundled
@ -133,6 +133,8 @@ with "%{_libexecdir}/%{name}/test".
podselect lib/App/cpanminus.pm > lib/App/cpanminus.pod podselect lib/App/cpanminus.pm > lib/App/cpanminus.pod
for F in bin/cpanm lib/App/cpanminus/fatscript.pm; do for F in bin/cpanm lib/App/cpanminus/fatscript.pm; do
# CVE-2024-45321 - patch to use https instead of http
perl -pi -E 's{http://(cpan\.cpantesters\.org|www\.cpan\.org|backpan\.perl\.org|cpan\.metacpan\.org|fastapi\.metacpan\.org|cpanmetadb\.plackperl\.org)}{https://$1}g' "$F"
%{SOURCE1} --libdir lib --filter '^App/cpanminus' "$F" > "${F}.stripped" %{SOURCE1} --libdir lib --filter '^App/cpanminus' "$F" > "${F}.stripped"
perl -c -Ilib "${F}.stripped" perl -c -Ilib "${F}.stripped"
mv "${F}.stripped" "$F" mv "${F}.stripped" "$F"
@ -177,6 +179,10 @@ make test
%{_libexecdir}/%{name} %{_libexecdir}/%{name}
%changelog %changelog
* Mon Sep 23 2024 Jitka Plesnikova <jplesnik@redhat.com> - 1.7047-5
- Patch the code to use https instead of http (CVE-2024-45321)
- Resolves: RHEL-56507
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.7047-4 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.7047-4
- Bump release for June 2024 mass rebuild - Bump release for June 2024 mass rebuild

12
plans/internal.fmf Normal file
View File

@ -0,0 +1,12 @@
summary: Private (RHEL) beakerlib tests
enabled: false
adjust:
- when: distro == rhel
enabled: true
because: private tests are accesible only within rhel pipline
discover:
- name: rhel
how: fmf
url: https://pkgs.devel.redhat.com/git/tests/perl-App-cpanminus
execute:
how: tmt