Resolves: RHEL-56507 - Patch the code to use https instead of http

gating.yaml

@@ -1,7 +1,11 @@
+# Fedora
 --- !Policy
+id: fedora_policy
 product_versions:
   - fedora-*
-decision_context: bodhi_update_push_stable
+decision_contexts:
+  - bodhi_update_push_testing
+  - bodhi_update_push_stable
 subject_type: koji_build
 rules:
   - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}

perl-App-cpanminus.spec

@@ -1,6 +1,6 @@
 Name:           perl-App-cpanminus
 Version:        1.7047
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        Get, unpack, build and install CPAN modules
 # Other files:  GPL+ or Artistic
 ## unbundled
@@ -133,6 +133,8 @@ with "%{_libexecdir}/%{name}/test".
 podselect lib/App/cpanminus.pm > lib/App/cpanminus.pod
 
 for F in bin/cpanm lib/App/cpanminus/fatscript.pm; do
+    # CVE-2024-45321 - patch to use https instead of http
+    perl -pi -E 's{http://(cpan\.cpantesters\.org|www\.cpan\.org|backpan\.perl\.org|cpan\.metacpan\.org|fastapi\.metacpan\.org|cpanmetadb\.plackperl\.org)}{https://$1}g' "$F"
     %{SOURCE1} --libdir lib --filter '^App/cpanminus' "$F" > "${F}.stripped"
     perl -c -Ilib "${F}.stripped"
     mv "${F}.stripped" "$F"
@@ -177,6 +179,10 @@ make test
 %{_libexecdir}/%{name}
 
 %changelog
+* Mon Sep 23 2024 Jitka Plesnikova <jplesnik@redhat.com> - 1.7047-5
+- Patch the code to use https instead of http (CVE-2024-45321)
+- Resolves: RHEL-56507
+
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.7047-4
 - Bump release for June 2024 mass rebuild
 

plans/internal.fmf

@@ -0,0 +1,12 @@
+summary: Private (RHEL) beakerlib tests
+enabled: false
+adjust:
+  - when: distro == rhel
+    enabled: true
+    because: private tests are accesible only within rhel pipline
+discover:
+  - name: rhel
+    how: fmf
+    url: https://pkgs.devel.redhat.com/git/tests/perl-App-cpanminus
+execute:
+    how: tmt