aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Peter Korsgaard <peter@korsgaard.com>2019-02-24 22:46:47 +0100
committerGravatar Peter Korsgaard <peter@korsgaard.com>2019-02-25 08:56:20 +0100
commite67fc5c0ca1a07a288851256fd1bcef8fd374f27 (patch)
treea9d13c8a51ef6ad96b4b10d9cec072e3ae20eadc
parent665ae7cace6a13a030ba285d0729d3b5d95937bc (diff)
downloadbuildroot-e67fc5c0ca1a07a288851256fd1bcef8fd374f27.tar.gz
buildroot-e67fc5c0ca1a07a288851256fd1bcef8fd374f27.tar.bz2
package/perl: security bump to version 5.26.3
Fixes the following security issues: - [CVE-2018-12015] Directory traversal in module Archive::Tar - [CVE-2018-18311] Integer overflow leading to buffer overflow and segmentation fault - [CVE-2018-18312] Heap-buffer-overflow write in S_regatom (regcomp.c) - [CVE-2018-18313] Heap-buffer-overflow read in S_grok_bslash_N (regcomp.c) - [CVE-2018-18314] Heap-buffer-overflow write in S_regatom (regcomp.c) For more details, see perldelta: https://metacpan.org/changes/release/SHAY/perl-5.26.3 Bump perlcross to 1.2.2 for perl 5.26.3 support. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r--package/perl/perl.hash12
-rw-r--r--package/perl/perl.mk4
2 files changed, 8 insertions, 8 deletions
diff --git a/package/perl/perl.hash b/package/perl/perl.hash
index 6936b22e03..502f0db9df 100644
--- a/package/perl/perl.hash
+++ b/package/perl/perl.hash
@@ -1,7 +1,7 @@
-# Hashes from: http://www.cpan.org/src/5.0/perl-5.26.2.tar.xz.{md5,sha1,sha256}.txt
-md5 1fa1b53eeff76aa37b17bfc9b2771671 perl-5.26.2.tar.xz
-sha1 bfa5c7921ed7bf5e035dbf2f7ff81367b81e372c perl-5.26.2.tar.xz
-sha256 0f8c0fb1b0db4681adb75c3ba0dd77a0472b1b359b9e80efd79fc27b4352132c perl-5.26.2.tar.xz
+# Hashes from: http://www.cpan.org/src/5.0/perl-5.26.3.tar.xz.{md5,sha1,sha256}.txt
+md5 218d73f2334d2f3fdaff5a1f35358247 perl-5.26.3.tar.xz
+sha1 ca73432ac07288fdce2063f5e09c642e28584226 perl-5.26.3.tar.xz
+sha256 e0a17cdaed5304aea1783e507e56bb0001dd72c46f211553ead3a580c3f38135 perl-5.26.3.tar.xz
-# Hashes from: https://github.com/arsv/perl-cross/releases/download/1.2/perl-cross-1.2.hash
-sha256 599077beb86af5e6097da8922a84474a5484f61475d2899eae0f8634e9619109 perl-cross-1.2.tar.gz
+# Hashes from: http://github.com/arsv/perl-cross/releases/download/1.2.2/perl-cross-1.2.2.hash
+sha256 e6987838f27d8cd3368ea68fc56a68cc52371505950927b8b7c5cb76e3a94caa perl-cross-1.2.2.tar.gz
diff --git a/package/perl/perl.mk b/package/perl/perl.mk
index b0eea3eff4..62388d2016 100644
--- a/package/perl/perl.mk
+++ b/package/perl/perl.mk
@@ -6,14 +6,14 @@
# When updating the version here, also update utils/scancpan
PERL_VERSION_MAJOR = 26
-PERL_VERSION = 5.$(PERL_VERSION_MAJOR).2
+PERL_VERSION = 5.$(PERL_VERSION_MAJOR).3
PERL_SITE = http://www.cpan.org/src/5.0
PERL_SOURCE = perl-$(PERL_VERSION).tar.xz
PERL_LICENSE = Artistic or GPL-1.0+
PERL_LICENSE_FILES = Artistic Copying README
PERL_INSTALL_STAGING = YES
-PERL_CROSS_VERSION = 1.2
+PERL_CROSS_VERSION = 1.2.2
# DO NOT refactor with the github helper (the result is not the same)
PERL_CROSS_SITE = https://github.com/arsv/perl-cross/releases/download/$(PERL_CROSS_VERSION)
PERL_CROSS_SOURCE = perl-cross-$(PERL_CROSS_VERSION).tar.gz