#acl PaulHowarth:read,write,admin,revert,delete All:read === Tuesday 3rd September 2013 === ==== Fedora Project ==== * [[FedoraProject:User:Psabata|Petr Šabata]] kindly reviewed and approved [[RedHatBugzilla:1003650|my perl-Unicode-UTF8 package submission]] * Imported and built `perl-Unicode-UTF8` (0.59) for F-18, F-19, F-20, Rawhide and EPEL-6 * Jitka Plesnikova kindly reviewed and approved [[RedHatBugzilla:998250|my perl-Hash-StoredIterator package submission]] * Imported and built `perl-Hash-StoredIterator` (0.007) for F-19, F-20 and Rawhide * [[FedoraProject:User:Psabata|Petr Šabata]] kindly reviewed and approved [[RedHatBugzilla:1003660|my perl-Path-Tiny package submission]] * Imported and built `perl-Path-Tiny` (0.031) for F-19, F-20 and Rawhide * Updated `perl-Config-Tiny` to 2.15 in F-20 and Rawhide: * Clean up the shambolic dates in the `Changes` file * Add a note under `Caveats` about setting options more that once - only the first case is respected ([[CPAN:69795|CPAN RT#69795]]) * Add a `$encoding` parameter to `read_file()` and `write_file()`, and add `t/04.utf8.t` and `t/04.utf8.txt` ([[CPAN:71029|CPAN RT#71029]], [[CPAN:85571|CPAN RT#85571]]) * Fix temporary directory creation in tests for BSD-based systems * Rename `t/*.t` files * Add `MANIFEST.SKIP`, `Changelog.ini`, `Build.PL`, `META.json` * Add a FAQ to the docs * Clean up the docs * Updated `perl-Crypt-DSA` in EPEL-5, EPEL-6, F-18, F-19, F-20 and Rawhide to disable the fall back to using `Data::Random` if `/dev/random` is unavailable ([[RedHatBugzilla:743567|Bug #743567]], [[CPAN:71421|CPAN RT#71421]], [[CVE:2011-3599|CVE-2011-3599]]) . It might seem that this would not affect Fedora since `/dev/random` is always available and so the fall back to `Data::Random` would never happen. However, if an application is confined using a MAC system such as SELinux then access to `/dev/random` could be denied by policy and the fall back would be triggered. `Data::Random` uses `rand()`, about which the perldoc says "`rand()` is not cryptographically secure. You should not rely on it in security-sensitive situations." In the case of DSA, this is even worse. Using improperly secure randomness sources can compromise the signing key upon signature of a message - see: http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/ * Updated `perl-ExtUtils-Depends` to 0.305 in F-20 and Rawhide: * `Makefile.PL`: converted to `CPAN::Meta::Spec` v2 * Updated license in RPM spec file ([[CPAN:88196|CPAN RT#88196]]) * Updated contact info and added git repo info to POD * Add comments for `find_extra_libs` method ([[CPAN:43900|CPAN RT#43900]]) * Fixed typo ([[CPAN:86572|CPAN RT#86572]]) ==== Local Packages ==== * Updated `perl-ExtUtils-Depends` to 0.305 as per the Fedora version * Updated `perl-version` to 0.9904 * Final upstream changes from bleadperl, resolving [[CPAN:87513|CPAN RT#87513]] and [[CPAN:87983|CPAN RT#87983]] ----