[pkgsrc/pkgsrc-2012Q1]: pkgsrc/textproc/p5-YAML-LibYAML Pullup ticket #3807 -...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/1c69b77c5c06
branches:  pkgsrc-2012Q1
changeset: 602138:1c69b77c5c06
user:      tron <tron%pkgsrc.org@localhost>
date:      Mon May 28 10:58:03 2012 +0000

description:
Pullup ticket #3807 - requested by spz
textproc/p5-YAML-LibYAML: security update

Revisions pulled up:
- textproc/p5-YAML-LibYAML/Makefile                             1.9-1.10
- textproc/p5-YAML-LibYAML/distinfo                             1.7-1.8
- textproc/p5-YAML-LibYAML/patches/patch-LibYAML_perl__libyaml.c 1.1

---
   Module Name:    pkgsrc
   Committed By:   sno
   Date:           Tue Apr 10 13:50:05 UTC 2012

   Modified Files:
           pkgsrc/textproc/p5-YAML-LibYAML: Makefile distinfo

   Log Message:
   Updating package for CPAN module YAML::LibYAML in textproc/p5-YAML-LibYAML
   from 0.37 to 0.38

   Upstream changes:
   version: 0.38
   date:    Tue Jan  3 22:56:01 PST 2012
   changes:
   - Apply SPROUT++ deparse test patch. Thanks!

---
   Module Name: pkgsrc
   Committed By:        spz
   Date:                Thu May 24 20:21:18 UTC 2012

   Modified Files:
        pkgsrc/textproc/p5-YAML-LibYAML: Makefile distinfo
   Added Files:
        pkgsrc/textproc/p5-YAML-LibYAML/patches: patch-LibYAML_perl__libyaml.c

   Log Message:
   fix for CVS-2012-1152 taken from
   https://rt.cpan.org/Ticket/Attachment/920541/477607/YAML-LibYAML-0.35-format-err
   or.patch

diffstat:

 textproc/p5-YAML-LibYAML/Makefile                              |   5 +-
 textproc/p5-YAML-LibYAML/distinfo                              |   9 +-
 textproc/p5-YAML-LibYAML/patches/patch-LibYAML_perl__libyaml.c |  43 ++++++++++
 3 files changed, 51 insertions(+), 6 deletions(-)

diffs (75 lines):

diff -r ef0a98e67647 -r 1c69b77c5c06 textproc/p5-YAML-LibYAML/Makefile
--- a/textproc/p5-YAML-LibYAML/Makefile Mon May 28 10:50:59 2012 +0000
+++ b/textproc/p5-YAML-LibYAML/Makefile Mon May 28 10:58:03 2012 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.8 2011/11/16 08:38:26 sno Exp $
+# $NetBSD: Makefile,v 1.8.4.1 2012/05/28 10:58:03 tron Exp $
 #
 
-DISTNAME=      YAML-LibYAML-0.37
+DISTNAME=      YAML-LibYAML-0.38
+PKGREVISION=   1
 PKGNAME=       p5-${DISTNAME}
 #PKGNAME=      p5-${DISTNAME:S/LibYAML/XS/}
 CATEGORIES=    textproc perl5
diff -r ef0a98e67647 -r 1c69b77c5c06 textproc/p5-YAML-LibYAML/distinfo
--- a/textproc/p5-YAML-LibYAML/distinfo Mon May 28 10:50:59 2012 +0000
+++ b/textproc/p5-YAML-LibYAML/distinfo Mon May 28 10:58:03 2012 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.6 2011/11/16 08:38:26 sno Exp $
+$NetBSD: distinfo,v 1.6.4.1 2012/05/28 10:58:03 tron Exp $
 
-SHA1 (YAML-LibYAML-0.37.tar.gz) = 265a7c00ae79a2229272320114a78f875d8abe1c
-RMD160 (YAML-LibYAML-0.37.tar.gz) = e34f3e088c7dee36d5e89888ac439ac1369f65b6
-Size (YAML-LibYAML-0.37.tar.gz) = 176294 bytes
+SHA1 (YAML-LibYAML-0.38.tar.gz) = d522fac459f07f31d1f239ca7d19ccc2e29cb524
+RMD160 (YAML-LibYAML-0.38.tar.gz) = 3b3ffdc9c7a03f4301a805d61593f3468b505b9f
+Size (YAML-LibYAML-0.38.tar.gz) = 176599 bytes
+SHA1 (patch-LibYAML_perl__libyaml.c) = 6f6ebfb0efd2ac4dbc3950ff808112b7e8d292d0
diff -r ef0a98e67647 -r 1c69b77c5c06 textproc/p5-YAML-LibYAML/patches/patch-LibYAML_perl__libyaml.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/p5-YAML-LibYAML/patches/patch-LibYAML_perl__libyaml.c    Mon May 28 10:58:03 2012 +0000
@@ -0,0 +1,43 @@
+$NetBSD: patch-LibYAML_perl__libyaml.c,v 1.1.2.2 2012/05/28 10:58:03 tron Exp $
+
+fix for CVS-2012-1152 taken from
+https://rt.cpan.org/Ticket/Attachment/920541/477607/YAML-LibYAML-0.35-format-error.patch
+
+--- LibYAML/perl_libyaml.c.orig        2011-04-03 16:28:08.000000000 +0000
++++ LibYAML/perl_libyaml.c
+@@ -188,7 +188,7 @@ Load(SV *yaml_sv)
+     return;
+ 
+ load_error:
+-    croak(loader_error_msg(&loader, NULL));
++    croak("%s", loader_error_msg(&loader, NULL));
+ }
+ 
+ /*
+@@ -271,7 +271,7 @@ load_node(perl_yaml_loader_t *loader)
+     return return_sv;
+ 
+     load_error:
+-        croak(loader_error_msg(loader, NULL));
++        croak("%s", loader_error_msg(loader, NULL));
+ }
+ 
+ /*
+@@ -314,7 +314,7 @@ load_mapping(perl_yaml_loader_t *loader,
+         else if (strlen(tag) <= strlen(prefix) ||
+             ! strnEQ(tag, prefix, strlen(prefix))
+         ) croak(
+-            loader_error_msg(loader, form("bad tag found for hash: '%s'", tag))
++            "%s", loader_error_msg(loader, form("bad tag found for hash: '%s'", tag))
+         );
+         class = tag + strlen(prefix);
+         sv_bless(hash_ref, gv_stashpv(class, TRUE)); 
+@@ -347,7 +347,7 @@ load_sequence(perl_yaml_loader_t *loader
+         else if (strlen(tag) <= strlen(prefix) ||
+             ! strnEQ(tag, prefix, strlen(prefix))
+         ) croak(
+-            loader_error_msg(loader, form("bad tag found for array: '%s'", tag))
++            "%s", loader_error_msg(loader, form("bad tag found for array: '%s'", tag))
+         );
+         class = tag + strlen(prefix);
+         sv_bless(array_ref, gv_stashpv(class, TRUE));