Tuesday 3rd September 2013
Fedora Project
Petr Šabata kindly reviewed and approved my perl-Unicode-UTF8 package submission
Imported and built perl-Unicode-UTF8 (0.59) for F-18, F-19, F-20, Rawhide and EPEL-6
Jitka Plesnikova kindly reviewed and approved my perl-Hash-StoredIterator package submission
Imported and built perl-Hash-StoredIterator (0.007) for F-19, F-20 and Rawhide
Petr Šabata kindly reviewed and approved my perl-Path-Tiny package submission
Imported and built perl-Path-Tiny (0.031) for F-19, F-20 and Rawhide
Updated perl-Config-Tiny to 2.15 in F-20 and Rawhide:
Clean up the shambolic dates in the Changes file
Add a note under Caveats about setting options more that once - only the first case is respected (CPAN RT#69795)
Add a $encoding parameter to read_file() and write_file(), and add t/04.utf8.t and t/04.utf8.txt (CPAN RT#71029, CPAN RT#85571)
- Fix temporary directory creation in tests for BSD-based systems
Rename t/*.t files
Add MANIFEST.SKIP, Changelog.ini, Build.PL, META.json
- Add a FAQ to the docs
- Clean up the docs
Updated perl-Crypt-DSA in EPEL-5, EPEL-6, F-18, F-19, F-20 and Rawhide to disable the fall back to using Data::Random if /dev/random is unavailable (Bug #743567, CPAN RT#71421, CVE-2011-3599)
It might seem that this would not affect Fedora since /dev/random is always available and so the fall back to Data::Random would never happen. However, if an application is confined using a MAC system such as SELinux then access to /dev/random could be denied by policy and the fall back would be triggered. Data::Random uses rand(), about which the perldoc says "rand() is not cryptographically secure. You should not rely on it in security-sensitive situations." In the case of DSA, this is even worse. Using improperly secure randomness sources can compromise the signing key upon signature of a message - see: http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/
Updated perl-ExtUtils-Depends to 0.305 in F-20 and Rawhide:
Makefile.PL: converted to CPAN::Meta::Spec v2
Updated license in RPM spec file (CPAN RT#88196)
- Updated contact info and added git repo info to POD
Add comments for find_extra_libs method (CPAN RT#43900)
Fixed typo (CPAN RT#86572)
Local Packages
Updated perl-ExtUtils-Depends to 0.305 as per the Fedora version
Updated perl-version to 0.9904
Final upstream changes from bleadperl, resolving CPAN RT#87513 and CPAN RT#87983