diff options
author | Jason M. Bills <jason.m.bills@intel.com> | 2022-01-06 23:59:39 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@intel.com> | 2022-01-06 23:59:39 +0300 |
commit | 32777eec25d2c527a62e5ffab90a3dfef35855aa (patch) | |
tree | 588a90a6fe9fb0b35c7ce23ea3bd79fa5151ccde /poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch | |
parent | 61f1ca1b31a9a1108e9e7f71e47fdc19beb0490b (diff) | |
parent | 5cc2f81c5b66da00cad24e18b0d23442af060c3f (diff) | |
download | openbmc-32777eec25d2c527a62e5ffab90a3dfef35855aa.tar.xz |
Merge tag '0.86' of firmware.bmc.openbmc.yocto.openbmc into update
Diffstat (limited to 'poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch')
-rw-r--r-- | poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch b/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch new file mode 100644 index 000000000..1ef548b30 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch @@ -0,0 +1,40 @@ +Backport patch to fix CVE-2021-36770. And drop the section of code which +updates version. + +Upstream-Status: Backport [https://github.com/Perl/perl5/commit/c1a937f] +CVE: CVE-2021-36770 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From c1a937fef07c061600a0078f4cb53fe9c2136bb9 Mon Sep 17 00:00:00 2001 +From: Ricardo Signes <rjbs@semiotic.systems> +Date: Mon, 9 Aug 2021 08:14:05 -0400 +Subject: [PATCH] Encode.pm: apply a local patch for CVE-2021-36770 + +I expect Encode to see a new release today. + +Without this fix, Encode::ConfigLocal can be loaded from a path relative +to the current directory, because the || operator will evaluate @INC in +scalar context, putting an integer as the only value in @INC. +--- + cpan/Encode/Encode.pm | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/cpan/Encode/Encode.pm b/cpan/Encode/Encode.pm +index a56a99947f..b96a850416 100644 +--- a/cpan/Encode/Encode.pm ++++ b/cpan/Encode/Encode.pm +@@ -65,8 +66,8 @@ require Encode::Config; + eval { + local $SIG{__DIE__}; + local $SIG{__WARN__}; +- local @INC = @INC || (); +- pop @INC if $INC[-1] eq '.'; ++ local @INC = @INC; ++ pop @INC if @INC && $INC[-1] eq '.'; + require Encode::ConfigLocal; + }; + +-- +2.33.0 + |