Thursday 27th March 2014
Fedora Project
Submitted a perl-MooseX-Types-Stringlike package for review; this was subsequently reviewed and approved by Petr Ĺ abata
Imported and built perl-MooseX-Types-Stringlike (0.002) for F-19, F-20, Rawhide and EPEL-7
Updated perl-YAML-LibYAML (0.41) in F-19, F-20, Rawhide and EPEL-7 to address heap-based buffer overflow when parsing YAML tags (CVE-2013-6393) and LibYAML input sanitization errors (CVE-2014-2525)
Updated perl-YAML-LibYAML (0.38) in EPEL-6 to address heap-based buffer overflow when parsing YAML tags (CVE-2013-6393) and LibYAML input sanitization errors (CVE-2014-2525)
Branched and built perl-Module-Install-AutoLicense (0.08) for EPEL-7
Branched and built perl-Module-Install-GithubMeta (0.26) for EPEL-7
Branched and built perl-Module-Install-ReadmeFromPod (0.22) for EPEL-7
Branched and built perl-Path-Tiny (0.052) for EPEL-7
Branched and built perl-Unicode-UTF8 (0.60) for EPEL-7
Local Packages
Updated curl to adapt tests 815 and 816 such that they work with the fix for CVE-2014-0138
Updated perl-File-pushd to 1.006:
Noted that multiple pushd objects in a lexical scope are not destroyed in a predictable order
Modernized Dist::Zilla configuration and repo support files
Updated perl-YAML-LibYAML to fix security issues as per the Fedora version