diff options
author | Chris 'BinGOs' Williams <chris@bingosnet.co.uk> | 2020-11-14 10:00:51 +0000 |
---|---|---|
committer | Chris 'BinGOs' Williams <chris@bingosnet.co.uk> | 2020-11-14 10:00:51 +0000 |
commit | 4c032c4685c1990604f7a27376b28db5d7d204dd (patch) | |
tree | db9099ffb94ae45ca280272e57562f6ee495f0c8 /cpan | |
parent | 7fc0439ba3e5226f493dfd0ae10bd35298e83fff (diff) | |
download | perl-4c032c4685c1990604f7a27376b28db5d7d204dd.tar.gz |
Update File-Fetch to CPAN version 1.00
[DELTA]
1.00 Wed Nov 11 12:49:58 2020
* Fixed the mitigations for CVE-2016-1238
* Mentioned https support in CHANGES file
Diffstat (limited to 'cpan')
-rw-r--r-- | cpan/File-Fetch/lib/File/Fetch.pm | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/cpan/File-Fetch/lib/File/Fetch.pm b/cpan/File-Fetch/lib/File/Fetch.pm index 90c62e96be..76c641d2e7 100644 --- a/cpan/File-Fetch/lib/File/Fetch.pm +++ b/cpan/File-Fetch/lib/File/Fetch.pm @@ -22,7 +22,7 @@ use vars qw[ $VERBOSE $PREFER_BIN $FROM_EMAIL $USER_AGENT $FTP_PASSIVE $TIMEOUT $DEBUG $WARN $FORCEIPV4 ]; -$VERSION = '0.56'; +$VERSION = '1.00'; $VERSION = eval $VERSION; # avoid warnings with development releases $PREFER_BIN = 0; # XXX TODO implement $FROM_EMAIL = 'File-Fetch@example.com'; @@ -52,9 +52,6 @@ local $Params::Check::VERBOSE = 1; local $Module::Load::Conditional::VERBOSE = 0; local $Module::Load::Conditional::VERBOSE = 0; -### Fix CVE-2016-1238 ### -local $Module::Load::Conditional::FORCE_SAFE_INC = 1; - ### see what OS we are on, important for file:// uris ### use constant ON_WIN => ($^O eq 'MSWin32'); use constant ON_VMS => ($^O eq 'VMS'); @@ -576,6 +573,8 @@ sub _lwp_fetch { $use_list->{'LWP::Protocol::https'} = '0'; } + ### Fix CVE-2016-1238 ### + local $Module::Load::Conditional::FORCE_SAFE_INC = 1; unless( can_load( modules => $use_list ) ) { $METHOD_FAIL->{'lwp'} = 1; return; @@ -633,6 +632,8 @@ sub _httptiny_fetch { }; + ### Fix CVE-2016-1238 ### + local $Module::Load::Conditional::FORCE_SAFE_INC = 1; unless( can_load(modules => $use_list) ) { $METHOD_FAIL->{'httptiny'} = 1; return; @@ -672,6 +673,8 @@ sub _httplite_fetch { 'MIME::Base64' => '0', }; + ### Fix CVE-2016-1238 ### + local $Module::Load::Conditional::FORCE_SAFE_INC = 1; unless( can_load(modules => $use_list) ) { $METHOD_FAIL->{'httplite'} = 1; return; @@ -752,6 +755,8 @@ sub _iosock_fetch { 'IO::Select' => '0.0', }; + ### Fix CVE-2016-1238 ### + local $Module::Load::Conditional::FORCE_SAFE_INC = 1; unless( can_load(modules => $use_list) ) { $METHOD_FAIL->{'iosock'} = 1; return; @@ -835,6 +840,8 @@ sub _netftp_fetch { ### required modules ### my $use_list = { 'Net::FTP' => 0 }; + ### Fix CVE-2016-1238 ### + local $Module::Load::Conditional::FORCE_SAFE_INC = 1; unless( can_load( modules => $use_list ) ) { $METHOD_FAIL->{'netftp'} = 1; return; |