main/perl: security upgrade to 5.12.5 (CVE-2012-5195)

fixes #1558

main/perl: security upgrade to 5.12.5 (CVE-2012-5195)
35e0f300 · Natanael Copa · 8c814a95 · 35e0f300 · 8c814a95
Commit 35e0f300 authored 12 years ago by Natanael Copa
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 # Contributor: Leonardo Arena <rnalrd@gmail.com>
 pkgname=perl
-pkgver=5.12.4
+pkgver=5.12.5
 pkgrel=0
 pkgdesc="Larry Wall's Practical Extraction and Report Language"
 url=http://www.perl.org
 license="Artistic GPL-2"
 source="http://www.perl.com/CPAN/src/perl-${pkgver}.tar.gz
-	CVE-2011-2939.patch
 	CVE-2011-3597.patch
 	"

@@ -71,6 +70,5 @@ miniperl() {
 	cp "$srcdir/perl-$pkgver"/miniperl "$subpkgdir/usr/bin"
 }

-md5sums="fd22aba88e4e27ab879f142eec6452a0  perl-5.12.4.tar.gz
-c0674ead60e89c20e2c8d9bbc2d7683a  CVE-2011-2939.patch
+md5sums="3a647533aaa060a79aa0b9fa17198576  perl-5.12.5.tar.gz
 0212067da7d533fe3939c0984cad4243  CVE-2011-3597.patch"
--- a/main/perl/CVE-2011-2939.patch
+++ b/main/perl/CVE-2011-2939.patch
-diff --git a/cpan/Encode/Unicode/Unicode.xs b/cpan/Encode/Unicode/Unicode.xs
-index 16f4cd1..039f155 100644
--- a/cpan/Encode/Unicode/Unicode.xs
-+++ b/cpan/Encode/Unicode/Unicode.xs
-@@ -256,7 +256,10 @@ CODE:
- 	       This prevents allocating too much in the rogue case of a large
- 	       input consisting initially of long sequence uft8-byte unicode
- 	       chars followed by single utf8-byte chars. */
-	    STRLEN remaining = (e - s)/usize;
-+            /* +1 
-+               fixes  Unicode.xs!decode_xs n-byte heap-overflow
-+              */
-+	    STRLEN remaining = (e - s)/usize + 1; /* +1 to avoid the leak */
- 	    STRLEN max_alloc = remaining + (8*1024*1024);
- 	    STRLEN est_alloc = remaining * UTF8_MAXLEN;
- 	    STRLEN newlen = SvLEN(result) + /* min(max_alloc, est_alloc) */