Tuesday 2nd November 2010
Fedora Project
Updated perl-IO-Socket-SSL to 1.34 in Rawhide:
Schema http for certificate verification changed to wildcards_in_cn=1
If upgrading socket from inet to ssl fails due to handshake problems, the socket gets downgraded back again but is still open (CPAN RT#61466)
Deprecate kill_socket: just use close()
Updated proftpd for Rawhide, Fedora 13 and 14, and EPEL-6 to 1.3.3c, and also added the unbundled module mod_geoip:
Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
Fixed directory traversal bug in mod_site_misc (CVE-2010-3867)
Fixed SQLite authentication using "SQLAuthType Backend"
Local Packages
Updated perl-IO-Socket-SSL to 1.34 as per the Fedora version
Updated perl-Moose to 1.19:
There was still one use of Test::Exception rather than Test::Fatal
I've now dropped perl(Test::Exception) as a buildreq as it's no longer needed
Updated perl-NetAddr-IP (4.035) to address CPAN RT#62521, which leads to spamassassin generating these error messages:
netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included netset: cannot include 0:0:0:0:0:0:0:1/128 as it has already been included
- The patch was simple and adds an additional test case to check for the problem; of course, the rest of the test suite still passes and I sent the patch upstream
diff -up NetAddr-IP-4.035/Lite/Lite.pm.orig NetAddr-IP-4.035/Lite/Lite.pm --- NetAddr-IP-4.035/Lite/Lite.pm.orig 2010-11-02 10:46:29.642163120 +0000 +++ NetAddr-IP-4.035/Lite/Lite.pm 2010-11-02 10:59:54.746161443 +0000 @@ -740,7 +740,7 @@ sub _xnew($$;$$) { if ($mval == 128) { # cidr 128 $mask = Ones; } - elsif ($ip =~ /^\d+\.\d+\.\d+\.\d+$/) { # corner case of ipV4 with new6 + elsif (index($ip,':') < 0) { # corner case of ipV4 with new6 $mask = shiftleft(Ones,32 -$mval); } elsif ($mask < 128) { # small cidr diff -up NetAddr-IP-4.035/Lite/t/bug62521.t.orig NetAddr-IP-4.035/Lite/t/bug62521.t --- NetAddr-IP-4.035/Lite/t/bug62521.t.orig 2010-10-28 22:25:20.000000000 +0100 +++ NetAddr-IP-4.035/Lite/t/bug62521.t 2010-11-02 10:53:04.666124405 +0000 @@ -1,5 +1,5 @@ -BEGIN { $| = 1; print "1..2\n"; } +BEGIN { $| = 1; print "1..3\n"; } END {print "not ok 1\n" unless $loaded;} $loaded = 1; @@ -21,3 +21,7 @@ my $ip = new6 NetAddr::IP::Lite('127.0.0 print "exp $exp\ngot ", $ip, "\nnot " unless $ip eq $exp; &ok; +$ip = new6 NetAddr::IP::Lite('127/8'); +print "exp $exp\ngot ", $ip, "\nnot " + unless $ip eq $exp; +&ok;