r65633 - in /branches/squeeze/libio-socket-ssl-perl: SSL.pm debian/README.source debian/changelog debian/control debian/patches/ debian/rules
carnil at users.alioth.debian.org
carnil at users.alioth.debian.org
Thu Dec 9 10:15:39 UTC 2010
Author: carnil
Date: Thu Dec 9 10:15:26 2010
New Revision: 65633
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=65633
Log:
patch SSL.pm directly
Removed:
branches/squeeze/libio-socket-ssl-perl/debian/README.source
branches/squeeze/libio-socket-ssl-perl/debian/patches/
Modified:
branches/squeeze/libio-socket-ssl-perl/SSL.pm
branches/squeeze/libio-socket-ssl-perl/debian/changelog
branches/squeeze/libio-socket-ssl-perl/debian/control
branches/squeeze/libio-socket-ssl-perl/debian/rules
Modified: branches/squeeze/libio-socket-ssl-perl/SSL.pm
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/SSL.pm?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/SSL.pm (original)
+++ branches/squeeze/libio-socket-ssl-perl/SSL.pm Thu Dec 9 10:15:26 2010
@@ -1370,12 +1370,7 @@
if ( $verify_mode != Net::SSLeay::VERIFY_NONE() and
! Net::SSLeay::CTX_load_verify_locations(
$ctx, $arg_hash->{SSL_ca_file} || '',$arg_hash->{SSL_ca_path} || '') ) {
- if ( ! $arg_hash->{SSL_ca_file} && ! $arg_hash->{SSL_ca_path} ) {
- carp("No certificate verification because neither SSL_ca_file nor SSL_ca_path known");
- $verify_mode = Net::SSLeay::VERIFY_NONE();
- } else {
- return IO::Socket::SSL->error("Invalid certificate authority locations");
- }
+ return IO::Socket::SSL->error("Invalid certificate authority locations");
}
if ($arg_hash->{'SSL_check_crl'}) {
Modified: branches/squeeze/libio-socket-ssl-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/changelog?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/changelog (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/changelog Thu Dec 9 10:15:26 2010
@@ -1,13 +1,8 @@
libio-socket-ssl-perl (1.33-1+squeeze1) testing-proposed-updates; urgency=low
* Change my email address.
- * Add CVE-2010-4334.patch patch to fix that IO::Socket::SSL verify peer mode
- is ignored if no cert is supplied. This is CVE-2010-4334.
- (Closes: #606058).
- * debian/control: Bump debhelper versioned Build-Depends to (>= 7.0.8) and
- add quilt (>= 0.46-7).
- * debian/rules: Add quilt framework.
- * Add debian/README.source
+ * Patch SSL.pm to fix that IO::Socket::SSL verify peer mode is ignored
+ if no cert is supplied. This is CVE-2010-4334. (Closes: #606058).
-- Salvatore Bonaccorso <carnil at debian.org> Thu, 09 Dec 2010 10:56:23 +0100
@@ -313,4 +308,3 @@
* Initial Release.
-- Davide Puricelli (evo) <apurice at tin.it> Mon, 7 Aug 2000 18:46:27 +0200
-
Modified: branches/squeeze/libio-socket-ssl-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/control?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/control (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/control Thu Dec 9 10:15:26 2010
@@ -7,7 +7,7 @@
Antonio Radici <antonio at dyne.org>,
Salvatore Bonaccorso <carnil at debian.org>,
Angel Abad <angelabad at gmail.com>
-Build-Depends: debhelper (>= 7.0.8), quilt (>= 0.46-7)
+Build-Depends: debhelper (>= 7)
Build-Depends-Indep: libio-socket-inet6-perl, libnet-libidn-perl,
libnet-ssleay-perl (>= 1.35), netbase, perl
Standards-Version: 3.8.4
Modified: branches/squeeze/libio-socket-ssl-perl/debian/rules
URL: http://svn.debian.org/wsvn/pkg-perl/branches/squeeze/libio-socket-ssl-perl/debian/rules?rev=65633&op=diff
==============================================================================
--- branches/squeeze/libio-socket-ssl-perl/debian/rules (original)
+++ branches/squeeze/libio-socket-ssl-perl/debian/rules Thu Dec 9 10:15:26 2010
@@ -1,4 +1,4 @@
#!/usr/bin/make -f
%:
- dh $@ --with quilt
+ dh $@
More information about the Pkg-perl-cvs-commits
mailing list