diff options
author | Jason M. Bills <jason.m.bills@intel.com> | 2022-01-06 23:59:39 +0300 |
---|---|---|
committer | Jason M. Bills <jason.m.bills@intel.com> | 2022-01-06 23:59:39 +0300 |
commit | 32777eec25d2c527a62e5ffab90a3dfef35855aa (patch) | |
tree | 588a90a6fe9fb0b35c7ce23ea3bd79fa5151ccde /poky/meta/recipes-devtools/perl | |
parent | 61f1ca1b31a9a1108e9e7f71e47fdc19beb0490b (diff) | |
parent | 5cc2f81c5b66da00cad24e18b0d23442af060c3f (diff) | |
download | openbmc-32777eec25d2c527a62e5ffab90a3dfef35855aa.tar.xz |
Merge tag '0.86' of firmware.bmc.openbmc.yocto.openbmc into update
Diffstat (limited to 'poky/meta/recipes-devtools/perl')
-rw-r--r-- | poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch | 40 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/perl/perl_5.34.0.bb | 8 |
2 files changed, 48 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch b/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch new file mode 100644 index 000000000..1ef548b30 --- /dev/null +++ b/poky/meta/recipes-devtools/perl/files/CVE-2021-36770.patch @@ -0,0 +1,40 @@ +Backport patch to fix CVE-2021-36770. And drop the section of code which +updates version. + +Upstream-Status: Backport [https://github.com/Perl/perl5/commit/c1a937f] +CVE: CVE-2021-36770 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From c1a937fef07c061600a0078f4cb53fe9c2136bb9 Mon Sep 17 00:00:00 2001 +From: Ricardo Signes <rjbs@semiotic.systems> +Date: Mon, 9 Aug 2021 08:14:05 -0400 +Subject: [PATCH] Encode.pm: apply a local patch for CVE-2021-36770 + +I expect Encode to see a new release today. + +Without this fix, Encode::ConfigLocal can be loaded from a path relative +to the current directory, because the || operator will evaluate @INC in +scalar context, putting an integer as the only value in @INC. +--- + cpan/Encode/Encode.pm | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/cpan/Encode/Encode.pm b/cpan/Encode/Encode.pm +index a56a99947f..b96a850416 100644 +--- a/cpan/Encode/Encode.pm ++++ b/cpan/Encode/Encode.pm +@@ -65,8 +66,8 @@ require Encode::Config; + eval { + local $SIG{__DIE__}; + local $SIG{__WARN__}; +- local @INC = @INC || (); +- pop @INC if $INC[-1] eq '.'; ++ local @INC = @INC; ++ pop @INC if @INC && $INC[-1] eq '.'; + require Encode::ConfigLocal; + }; + +-- +2.33.0 + diff --git a/poky/meta/recipes-devtools/perl/perl_5.34.0.bb b/poky/meta/recipes-devtools/perl/perl_5.34.0.bb index ab19a8d0b..175db4ee3 100644 --- a/poky/meta/recipes-devtools/perl/perl_5.34.0.bb +++ b/poky/meta/recipes-devtools/perl/perl_5.34.0.bb @@ -17,6 +17,7 @@ SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \ file://perl-dynloader.patch \ file://0002-Constant-Fix-up-shebang.patch \ file://determinism.patch \ + file://CVE-2021-36770.patch \ " SRC_URI:append:class-native = " \ file://perl-configpm-switch.patch \ @@ -384,3 +385,10 @@ EOF chmod 0755 ${SYSROOT_DESTDIR}${bindir}/nativeperl cat ${SYSROOT_DESTDIR}${bindir}/nativeperl } + +SSTATE_HASHEQUIV_FILEMAP = " \ + populate_sysroot:*/lib*/perl5/*/*/Config_heavy.pl:${TMPDIR} \ + populate_sysroot:*/lib*/perl5/*/*/Config_heavy.pl:${COREBASE} \ + populate_sysroot:*/lib*/perl5/config.sh:${TMPDIR} \ + populate_sysroot:*/lib*/perl5/config.sh:${COREBASE} \ + " |