From bd73eca0747c75c915ad5e39d4f38d2bf06b0ba8 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 12 Nov 2014 13:10:51 +0100 Subject: [PATCH] 1.632 bump --- .gitignore | 1 + DBI-1.630-Security-notice-for-Proxy.patch | 55 ----------------------- perl-DBI.spec | 10 ++--- sources | 2 +- 4 files changed, 7 insertions(+), 61 deletions(-) delete mode 100644 DBI-1.630-Security-notice-for-Proxy.patch diff --git a/.gitignore b/.gitignore index 8f8db17..4254756 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ DBI-1.613.tar.gz /DBI-1.628.tar.gz /DBI-1.630.tar.gz /DBI-1.631.tar.gz +/DBI-1.632.tar.gz diff --git a/DBI-1.630-Security-notice-for-Proxy.patch b/DBI-1.630-Security-notice-for-Proxy.patch deleted file mode 100644 index f79b352..0000000 --- a/DBI-1.630-Security-notice-for-Proxy.patch +++ /dev/null @@ -1,55 +0,0 @@ -From cd8fcbbf402e1d70c9f325f8b0fcd99e02cf14be Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Mon, 18 Nov 2013 12:52:09 +0100 -Subject: [PATCH] Security notice for Proxy -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -PlRPC is not secure due to Storable. Warn Proxy users about it. - -Signed-off-by: Petr Písař ---- - lib/DBD/Proxy.pm | 7 +++++++ - lib/DBI/ProxyServer.pm | 7 +++++++ - 2 files changed, 14 insertions(+) - -diff --git a/lib/DBD/Proxy.pm b/lib/DBD/Proxy.pm -index 287b2dc..5948255 100644 ---- a/lib/DBD/Proxy.pm -+++ b/lib/DBD/Proxy.pm -@@ -974,6 +974,13 @@ The workaround is storing the modified local copy back to the server: - $dbh->{"csv_tables"} = $tables; - - -+=head1 SECURITY WARNING -+ -+L used underneath is not secure due to serializing and -+deserializing data with L module. Use the proxy driver only in -+trusted environment. -+ -+ - =head1 AUTHOR AND COPYRIGHT - - This module is Copyright (c) 1997, 1998 -diff --git a/lib/DBI/ProxyServer.pm b/lib/DBI/ProxyServer.pm -index 68ad4af..78a0d78 100644 ---- a/lib/DBI/ProxyServer.pm -+++ b/lib/DBI/ProxyServer.pm -@@ -867,6 +867,13 @@ Don't try to put parameters into the sql-query like this: - =back - - -+=head1 SECURITY WARNING -+ -+L used underneath is not secure due to serializing and -+deserializing data with L module. Use the proxy driver only in -+trusted environment. -+ -+ - =head1 AUTHOR - - Copyright (c) 1997 Jochen Wiedmann --- -1.8.3.1 - diff --git a/perl-DBI.spec b/perl-DBI.spec index 29c7ae9..d3ed864 100644 --- a/perl-DBI.spec +++ b/perl-DBI.spec @@ -9,15 +9,13 @@ %endif Name: perl-DBI -Version: 1.631 -Release: 7%{?dist} +Version: 1.632 +Release: 1%{?dist} Summary: A database access API for perl Group: Development/Libraries License: GPL+ or Artistic URL: http://dbi.perl.org/ Source0: http://www.cpan.org/authors/id/T/TI/TIMB/DBI-%{version}.tar.gz -# Add a security warning about use of RPC::PlClient, bug #1030578, CPAN RT#90475 -Patch0: DBI-1.630-Security-notice-for-Proxy.patch BuildRequires: perl BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl(File::Find) @@ -105,7 +103,6 @@ the use of existing DBI frameworks like DBIx::Class. %prep %setup -q -n DBI-%{version} -%patch0 -p1 iconv -f iso8859-1 -t utf-8 lib/DBD/Gofer.pm >lib/DBD/Gofer.pm.new && mv lib/DBD/Gofer.pm{.new,} chmod 644 ex/* @@ -159,6 +156,9 @@ make test %endif %changelog +* Wed Nov 12 2014 Jitka Plesnikova - 1.632-1 +- 1.632 bump + * Sun Sep 07 2014 Jitka Plesnikova - 1.631-7 - Perl 5.20 re-rebuild of bootstrapped packages diff --git a/sources b/sources index ebfbc07..da8211d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -444d3c305e86597e11092b517794a840 DBI-1.631.tar.gz +285fc34c1ee20125aabbd50bc3e587fb DBI-1.632.tar.gz