[pkgsrc/trunk]: pkgsrc/devel/p5-Proc-Daemon Fix CVE-2013-7135 (patch is from ...

[wen <wen%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/730a0b04315a
branches:  trunk
changeset: 627916:730a0b04315a
user:      wen <wen%pkgsrc.org@localhost>
date:      Fri Dec 20 15:43:51 2013 +0000

description:
Fix CVE-2013-7135 (patch is from Debian)
Add LICENSE
Add missing BUILD_DEPENDS for test

Approved by:    wiz@

diffstat:

 devel/p5-Proc-Daemon/Makefile                         |   7 ++++-
 devel/p5-Proc-Daemon/distinfo                         |   3 +-
 devel/p5-Proc-Daemon/patches/patch-lib_Proc_Daemon.pm |  20 +++++++++++++++++++
 3 files changed, 27 insertions(+), 3 deletions(-)

diffs (60 lines):

diff -r 17c6b5a1734f -r 730a0b04315a devel/p5-Proc-Daemon/Makefile
--- a/devel/p5-Proc-Daemon/Makefile     Fri Dec 20 15:35:50 2013 +0000
+++ b/devel/p5-Proc-Daemon/Makefile     Fri Dec 20 15:43:51 2013 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.19 2013/05/31 12:40:40 wiz Exp $
+# $NetBSD: Makefile,v 1.20 2013/12/20 15:43:51 wen Exp $
 #
 
 DISTNAME=      Proc-Daemon-0.14
 PKGNAME=       p5-${DISTNAME}
-PKGREVISION=   3
+PKGREVISION=   4
 SVR4_PKGNAME=  p5prd
 CATEGORIES=    devel perl5
 MASTER_SITES=  ${MASTER_SITE_PERL_CPAN:=Proc/}
@@ -11,6 +11,9 @@
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
 HOMEPAGE=      http://www.mhonarc.org/~ehood/earlsperls.html
 COMMENT=       Provide capability for a Perl program to run as a daemon
+LICENSE=       ${PERL5_LICENSE}
+
+BUILD_DEPENDS= p5-Proc-ProcessTable>=0:../../devel/p5-Proc-ProcessTable
 
 PKG_INSTALLATION_TYPES=        overwrite pkgviews
 
diff -r 17c6b5a1734f -r 730a0b04315a devel/p5-Proc-Daemon/distinfo
--- a/devel/p5-Proc-Daemon/distinfo     Fri Dec 20 15:35:50 2013 +0000
+++ b/devel/p5-Proc-Daemon/distinfo     Fri Dec 20 15:43:51 2013 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.4 2011/07/29 15:21:11 bouyer Exp $
+$NetBSD: distinfo,v 1.5 2013/12/20 15:43:51 wen Exp $
 
 SHA1 (Proc-Daemon-0.14.tar.gz) = 5cc5be86ede2152c93ec104aec2e430783fd5756
 RMD160 (Proc-Daemon-0.14.tar.gz) = 30d869c0c49c2b1b74fdf802bbc47b930e84c685
 Size (Proc-Daemon-0.14.tar.gz) = 14464 bytes
+SHA1 (patch-lib_Proc_Daemon.pm) = b3cbf695e9ab4359e50d56ecd9e9b809131b5d0b
diff -r 17c6b5a1734f -r 730a0b04315a devel/p5-Proc-Daemon/patches/patch-lib_Proc_Daemon.pm
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/p5-Proc-Daemon/patches/patch-lib_Proc_Daemon.pm     Fri Dec 20 15:43:51 2013 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_Proc_Daemon.pm,v 1.1 2013/12/20 15:43:51 wen Exp $
+Fix CVE-2013-7135.
+--- lib/Proc/Daemon.pm.orig    2013-12-20 23:35:20.000000000 +0000
++++ lib/Proc/Daemon.pm
+@@ -152,7 +152,7 @@ sub Init {
+             die "Can't <chdir> to $self->{work_dir}: $!" unless chdir $self->{work_dir};
+ 
+             # Clear the file creation mask.
+-            umask 0;
++            umask 066;
+ 
+             # Detach the child from the terminal (no controlling tty), make it the
+             # session-leader and the process-group-leader of a new process group.
+@@ -633,4 +633,4 @@ sub get_pid_by_proc_table_attr {
+     return $pid;
+ }
+ 
+-1;
+\ No newline at end of file
++1;