r65633 - in /branches/squeeze/libio-socket-ssl-perl: SSL.pm debian/README.source debian/changelog debian/control debian/patches/ debian/rules

carnil at users.alioth.debian.org carnil at users.alioth.debian.org
Thu Dec 9 10:15:39 UTC 2010 

Author: carnil
Date: Thu Dec  9 10:15:26 2010
New Revision: 65633

URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=65633
Log:
patch SSL.pm directly

Removed:
    branches/squeeze/libio-socket-ssl-perl/debian/README.source
    branches/squeeze/libio-socket-ssl-perl/debian/patches/
Modified:
    branches/squeeze/libio-socket-ssl-perl/SSL.pm
    branches/squeeze/libio-socket-ssl-perl/debian/changelog
    branches/squeeze/libio-socket-ssl-perl/debian/control
    branches/squeeze/libio-socket-ssl-perl/debian/rules

Modified: branches/squeeze/libio-socket-ssl-perl/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/SSL.pm?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/SSL.pm (original)
+++ branches/squeeze/libio-socket-ssl-perl/SSL.pm Thu Dec  9 10:15:26 2010
@@ -1370,12 +1370,7 @@
 	if ( $verify_mode != Net::SSLeay::VERIFY_NONE() and 
 		! Net::SSLeay::CTX_load_verify_locations( 
 			$ctx, $arg_hash->{SSL_ca_file} || '',$arg_hash->{SSL_ca_path} || '') ) {
-		if ( ! $arg_hash->{SSL_ca_file} && ! $arg_hash->{SSL_ca_path} ) {
-			carp("No certificate verification because neither SSL_ca_file nor SSL_ca_path known");
-			$verify_mode = Net::SSLeay::VERIFY_NONE();
-		} else {
-			return IO::Socket::SSL->error("Invalid certificate authority locations");
-		}
+		return IO::Socket::SSL->error("Invalid certificate authority locations");
 	}
 
 	if ($arg_hash->{'SSL_check_crl'}) {

Modified: branches/squeeze/libio-socket-ssl-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/changelog?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/changelog (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/changelog Thu Dec  9 10:15:26 2010
@@ -1,13 +1,8 @@
 libio-socket-ssl-perl (1.33-1+squeeze1) testing-proposed-updates; urgency=low
 
   * Change my email address.
-  * Add CVE-2010-4334.patch patch to fix that IO::Socket::SSL verify peer mode
-    is ignored if no cert is supplied. This is CVE-2010-4334.
-    (Closes: #606058).
-  * debian/control: Bump debhelper versioned Build-Depends to (>= 7.0.8) and
-    add quilt (>= 0.46-7).
-  * debian/rules: Add quilt framework.
-  * Add debian/README.source 
+  * Patch SSL.pm to fix that IO::Socket::SSL verify peer mode is ignored
+    if no cert is supplied. This is CVE-2010-4334. (Closes: #606058).
 
  -- Salvatore Bonaccorso <carnil at debian.org>  Thu, 09 Dec 2010 10:56:23 +0100
 
@@ -313,4 +308,3 @@
   * Initial Release.
 
  -- Davide Puricelli (evo) <apurice at tin.it>  Mon,  7 Aug 2000 18:46:27 +0200
-

Modified: branches/squeeze/libio-socket-ssl-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/control?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/control (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/control Thu Dec  9 10:15:26 2010
@@ -7,7 +7,7 @@
  Antonio Radici <antonio at dyne.org>,
  Salvatore Bonaccorso <carnil at debian.org>,
  Angel Abad <angelabad at gmail.com>
-Build-Depends: debhelper (>= 7.0.8), quilt (>= 0.46-7)
+Build-Depends: debhelper (>= 7)
 Build-Depends-Indep: libio-socket-inet6-perl, libnet-libidn-perl,
  libnet-ssleay-perl (>= 1.35), netbase, perl
 Standards-Version: 3.8.4

Modified: branches/squeeze/libio-socket-ssl-perl/debian/rules
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/rules?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/rules (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/rules Thu Dec  9 10:15:26 2010
@@ -1,4 +1,4 @@
 #!/usr/bin/make -f
 
 %:
-	dh $@ --with quilt
+	dh $@

More information about the Pkg-perl-cvs-commits mailing list