[BACK]Return to distinfo CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / www / ap2-perl

File: [cvs.NetBSD.org] / pkgsrc / www / ap2-perl / distinfo (download)

Revision 1.16, Tue Jun 4 13:48:40 2013 UTC (6 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.15: +4 -4 lines

Changes 2.0.8:

Perl 5.16.3's fix for a rehash-based DoS makes it more difficult to invoke
the workaround for the old hash collision attack, which breaks mod_perl's
t/perl/hash_attack.t. Patch from rt.cpan.org 83916 improves the fix
previously applied as revision 1455340.

On Perl 5.17.6 and above, hash seeding has changed, and HvREHASH has
disappeared. Patch to update mod_perl accordingly from rt.cpan.org 83921.

Restore build with Perl 5.8.1, 5.8.2 etc: take care to use
$Config{useithreads} rather than $Config{usethreads}, and supply definitions
of Newx and Newxz as necessary.

On Perl 5.17.9, t/apache/read2.t fails because an "uninitialized value"
warning is generated for the buffer being autovivified. This is because
the sv_setpvn() that's meant to vivify the buffer doesn't perform set
magic; the warning is generated by the immediately following SvPV_force().
Patch to fix this from rt.cpan.org 83922.

Fix t/perl/hash_attack.t to work with Perl 5.14.4, 5.16.3 etc, which
contain a fix for CVE-2013-1667 (memory exhaustion with arbitrary hash
keys). This resolves rt.perl.org 116863, from where the patch was taken.

use APR::Finfo instead of Perl's stat() in ModPerl::RegistryCooker to
generate HTTP code 404 even if the requested filename contains newlines

Remove all uses of deprecated core perl symbols.

Add branch release tag to 'make tag' target

$NetBSD: distinfo,v 1.16 2013/06/04 13:48:40 adam Exp $

SHA1 (mod_perl-2.0.8.tar.gz) = 165b1062f9680d1ccc92a88f1699797b6860c499
RMD160 (mod_perl-2.0.8.tar.gz) = 5863f229c1fe982852f05bf5c1af5d28dae28b7f
Size (mod_perl-2.0.8.tar.gz) = 3790026 bytes