16242256 linkUpDownNotifications does not work as described in snmpd.conf man page
15819411 SUNBT7201970 There is no "PORTNUMBER" info for "traphandle" in solaris11 snmptra
15754602 SUNBT7111031 snmpd dumping during walk as strs test suite winds down its connect
diff -Naur perl-5.12.4/cpan/Digest/Changes new/cpan/Digest/Changes
--- perl-5.12.4/cpan/Digest/Changes 2011-06-01 00:47:46.000000000 -0700
+++ new/cpan/Digest/Changes 2012-04-09 14:20:51.773966321 -0700
@@ -1,3 +1,24 @@
+2011-10-02 Gisle Aas <[email protected]>
+
+ Release 1.17.
+
+ Gisle Aas (6):
+ Less noisy 'git status' output
+ Merge pull request #1 from schwern/bug/require_eval
+ Don't clobber $@ in Digest->new [RT#50663]
+ More meta info added to Makefile.PL
+ Fix typo in RIPEMD160 [RT#50629]
+ Add schwern's test files
+
+ Michael G. Schwern (5):
+ Turn on strict.
+ Convert tests to use Test::More
+ Untabify
+ Turn Digest::Dummy into a real file which exercises the Digest->new() require logic.
+ Close the eval "require $module" security hole in Digest->new($algorithm)
+
+
+
2009-06-09 Gisle Aas <[email protected]>
Release 1.16.
diff -Naur perl-5.12.4/cpan/Digest/Digest.pm new/cpan/Digest/Digest.pm
--- perl-5.12.4/cpan/Digest/Digest.pm 2011-06-01 00:47:46.000000000 -0700
+++ new/cpan/Digest/Digest.pm 2012-04-09 14:20:51.876396277 -0700
@@ -3,7 +3,7 @@
use strict;
use vars qw($VERSION %MMAP $AUTOLOAD);
-$VERSION = "1.16";
+$VERSION = "1.17";
%MMAP = (
"SHA-1" => [["Digest::SHA", 1], "Digest::SHA1", ["Digest::SHA2", 1]],
@@ -16,7 +16,7 @@
"CRC-16" => [["Digest::CRC", type => "crc16"]],
"CRC-32" => [["Digest::CRC", type => "crc32"]],
"CRC-CCITT" => [["Digest::CRC", type => "crcccitt"]],
- "RIPEMD-160" => "Crypt::PIPEMD160",
+ "RIPEMD-160" => "Crypt::RIPEMD160",
);
sub new
@@ -24,24 +24,27 @@
shift; # class ignored
my $algorithm = shift;
my $impl = $MMAP{$algorithm} || do {
- $algorithm =~ s/\W+//;
- "Digest::$algorithm";
+ $algorithm =~ s/\W+//g;
+ "Digest::$algorithm";
};
$impl = [$impl] unless ref($impl);
+ local $@; # don't clobber it for our caller
my $err;
for (@$impl) {
- my $class = $_;
- my @args;
- ($class, @args) = @$class if ref($class);
- no strict 'refs';
- unless (exists ${"$class\::"}{"VERSION"}) {
- eval "require $class";
- if ($@) {
- $err ||= $@;
- next;
- }
- }
- return $class->new(@args, @_);
+ my $class = $_;
+ my @args;
+ ($class, @args) = @$class if ref($class);
+ no strict 'refs';
+ unless (exists ${"$class\::"}{"VERSION"}) {
+ my $pm_file = $class . ".pm";
+ $pm_file =~ s{::}{/}g;
+ eval { require $pm_file };
+ if ($@) {
+ $err ||= $@;
+ next;
+ }
+ }
+ return $class->new(@args, @_);
}
die $err;
}
diff -Naur perl-5.12.4/cpan/Digest/t/base.t new/cpan/Digest/t/base.t
--- perl-5.12.4/cpan/Digest/t/base.t 2011-06-01 00:47:46.000000000 -0700
+++ new/cpan/Digest/t/base.t 2012-04-09 14:20:51.993284381 -0700
@@ -1,7 +1,6 @@
#!perl -w
-use Test qw(plan ok);
-plan tests => 12;
+use Test::More tests => 12;
{
package LenDigest;
@@ -31,26 +30,26 @@
}
my $ctx = LenDigest->new;
-ok($ctx->digest, "X0000");
+is($ctx->digest, "X0000");
my $EBCDIC = ord('A') == 193;
if ($EBCDIC) {
- ok($ctx->hexdigest, "e7f0f0f0f0");
- ok($ctx->b64digest, "5/Dw8PA");
+ is($ctx->hexdigest, "e7f0f0f0f0");
+ is($ctx->b64digest, "5/Dw8PA");
} else {
- ok($ctx->hexdigest, "5830303030");
- ok($ctx->b64digest, "WDAwMDA");
+ is($ctx->hexdigest, "5830303030");
+ is($ctx->b64digest, "WDAwMDA");
}
$ctx->add("foo");
-ok($ctx->digest, "f0003");
+is($ctx->digest, "f0003");
$ctx->add("foo");
-ok($ctx->hexdigest, $EBCDIC ? "86f0f0f0f3" : "6630303033");
+is($ctx->hexdigest, $EBCDIC ? "86f0f0f0f3" : "6630303033");
$ctx->add("foo");
-ok($ctx->b64digest, $EBCDIC ? "hvDw8PM" : "ZjAwMDM");
+is($ctx->b64digest, $EBCDIC ? "hvDw8PM" : "ZjAwMDM");
open(F, ">xxtest$$") || die;
binmode(F);
@@ -62,23 +61,23 @@
close(F);
unlink("xxtest$$") || warn;
-ok($ctx->digest, "a0301");
+is($ctx->digest, "a0301");
eval {
$ctx->add_bits("1010");
};
-ok($@ =~ /^Number of bits must be multiple of 8/);
+like($@, '/^Number of bits must be multiple of 8/');
$ctx->add_bits($EBCDIC ? "11100100" : "01010101");
-ok($ctx->digest, "U0001");
+is($ctx->digest, "U0001");
eval {
$ctx->add_bits("abc", 12);
};
-ok($@ =~ /^Number of bits must be multiple of 8/);
+like($@, '/^Number of bits must be multiple of 8/');
$ctx->add_bits("abc", 16);
-ok($ctx->digest, "a0002");
+is($ctx->digest, "a0002");
$ctx->add_bits("abc", 32);
-ok($ctx->digest, "a0003");
+is($ctx->digest, "a0003");
diff -Naur perl-5.12.4/cpan/Digest/t/digest.t new/cpan/Digest/t/digest.t
--- perl-5.12.4/cpan/Digest/t/digest.t 2011-06-01 00:47:46.000000000 -0700
+++ new/cpan/Digest/t/digest.t 2012-04-16 14:02:55.704568190 -0700
@@ -1,36 +1,23 @@
-print "1..3\n";
+#!/usr/bin/env perl
-use Digest;
+use strict;
+use Test::More tests => 4;
+
+# To find Digest::Dummy
+use lib 't/lib';
+use lib 'lib';
-{
- package Digest::Dummy;
- use vars qw($VERSION @ISA);
- $VERSION = 1;
-
- require Digest::base;
- @ISA = qw(Digest::base);
-
- sub new {
- my $class = shift;
- my $d = shift || "ooo";
- bless { d => $d }, $class;
- }
- sub add {}
- sub digest { shift->{d} }
-}
+use Digest;
+$@ = "rt#50663";
my $d;
$d = Digest->new("Dummy");
-print "not " unless $d->digest eq "ooo";
-print "ok 1\n";
+is $@, "rt#50663";
+is $d->digest, "ooo";
$d = Digest->Dummy;
-print "not " unless $d->digest eq "ooo";
-print "ok 2\n";
+is $d->digest, "ooo";
$Digest::MMAP{"Dummy-24"} = [["NotThere"], "NotThereEither", ["Digest::Dummy", 24]];
$d = Digest->new("Dummy-24");
-print "not " unless $d->digest eq "24";
-print "ok 3\n";
-
-
+is $d->digest, "24";
diff -Naur perl-5.12.4/cpan/Digest/t/file.t new/cpan/Digest/t/file.t
--- perl-5.12.4/cpan/Digest/t/file.t 2011-06-01 00:47:46.000000000 -0700
+++ new/cpan/Digest/t/file.t 2012-04-09 14:20:52.032053178 -0700
@@ -1,7 +1,6 @@
#!perl -w
-use Test qw(plan ok);
-plan tests => 5;
+use Test::More tests => 5;
{
package Digest::Foo;
@@ -36,17 +35,17 @@
print F "foo\0\n";
close(F) || die "Can't write '$file': $!";
-ok(digest_file($file, "Foo"), "0005");
+is(digest_file($file, "Foo"), "0005");
if (ord('A') == 193) { # EBCDIC.
- ok(digest_file_hex($file, "Foo"), "f0f0f0f5");
- ok(digest_file_base64($file, "Foo"), "8PDw9Q");
+ is(digest_file_hex($file, "Foo"), "f0f0f0f5");
+ is(digest_file_base64($file, "Foo"), "8PDw9Q");
} else {
- ok(digest_file_hex($file, "Foo"), "30303035");
- ok(digest_file_base64($file, "Foo"), "MDAwNQ");
+ is(digest_file_hex($file, "Foo"), "30303035");
+ is(digest_file_base64($file, "Foo"), "MDAwNQ");
}
unlink($file) || warn "Can't unlink '$file': $!";
-ok(eval { digest_file("not-there.txt", "Foo") }, undef);
-ok($@);
+ok !eval { digest_file("not-there.txt", "Foo") };
+ok $@;
diff -Naur perl-5.12.4/cpan/Digest/t/lib/Digest/Dummy.pm new/cpan/Digest/t/lib/Digest/Dummy.pm
--- perl-5.12.4/cpan/Digest/t/lib/Digest/Dummy.pm 1969-12-31 16:00:00.000000000 -0800
+++ new/cpan/Digest/t/lib/Digest/Dummy.pm 2012-04-09 14:20:52.091220603 -0700
@@ -0,0 +1,20 @@
+package Digest::Dummy;
+
+use strict;
+use vars qw($VERSION @ISA);
+$VERSION = 1;
+
+require Digest::base;
+@ISA = qw(Digest::base);
+
+sub new {
+ my $class = shift;
+ my $d = shift || "ooo";
+ bless { d => $d }, $class;
+}
+
+sub add {}
+sub digest { shift->{d} }
+
+1;
+
diff -Naur perl-5.12.4/cpan/Digest/t/security.t new/cpan/Digest/t/security.t
--- perl-5.12.4/cpan/Digest/t/security.t 1969-12-31 16:00:00.000000000 -0800
+++ new/cpan/Digest/t/security.t 2012-04-09 14:20:52.126914007 -0700
@@ -0,0 +1,14 @@
+#!/usr/bin/env perl
+
+# Digest->new() had an exploitable eval
+
+use strict;
+use warnings;
+
+use Test::More tests => 1;
+
+use Digest;
+
+$LOL::PWNED = 0;
+eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) };
+is $LOL::PWNED, 0;
diff -Naur perl-5.12.4/MANIFEST new/MANIFEST
--- perl-5.12.4/MANIFEST 2012-06-13 14:23:21.347805553 -0700
+++ new/MANIFEST 2012-06-13 15:08:46.655737770 -0700
@@ -704,6 +704,8 @@
cpan/Digest/t/base.t See if Digest extensions work
cpan/Digest/t/digest.t See if Digest extensions work
cpan/Digest/t/file.t See if Digest extensions work
+cpan/Digest/t/lib/Digest/Dummy.pm
+cpan/Digest/t/security.t
cpan/Encode/AUTHORS List of authors
cpan/Encode/bin/enc2xs Encode module generator
cpan/Encode/bin/piconv iconv by perl