Hello community,
here is the log from the commit of package perl-HTTP-Tiny for openSUSE:Factory checked in at 2013-12-02 07:26:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-HTTP-Tiny (Old)
and /work/SRC/openSUSE:Factory/.perl-HTTP-Tiny.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-HTTP-Tiny"
Changes:
--------
--- /work/SRC/openSUSE:Factory/perl-HTTP-Tiny/perl-HTTP-Tiny.changes 2013-11-26 19:25:34.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.perl-HTTP-Tiny.new/perl-HTTP-Tiny.changes 2013-12-02 07:26:22.000000000 +0100
@@ -1,0 +2,8 @@
+Fri Nov 29 11:08:21 UTC 2013 - coolo@suse.com
+
+- updated to 0.039
+ [FIXED]
+ - Temporary file creating during mirror() is now opened with O_EXCL
+ for added security
+
+-------------------------------------------------------------------
Old:
----
HTTP-Tiny-0.038.tar.gz
New:
----
HTTP-Tiny-0.039.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-HTTP-Tiny.spec ++++++
--- /var/tmp/diff_new_pack.qypD56/_old 2013-12-02 07:26:22.000000000 +0100
+++ /var/tmp/diff_new_pack.qypD56/_new 2013-12-02 07:26:22.000000000 +0100
@@ -17,7 +17,7 @@
Name: perl-HTTP-Tiny
-Version: 0.038
+Version: 0.039
Release: 0
%define cpan_name HTTP-Tiny
Summary: A small, simple, correct HTTP/1.1 client
++++++ HTTP-Tiny-0.038.tar.gz -> HTTP-Tiny-0.039.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/Changes new/HTTP-Tiny-0.039/Changes
--- old/HTTP-Tiny-0.038/Changes 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/Changes 2013-11-28 01:48:39.000000000 +0100
@@ -1,5 +1,12 @@
Release notes for HTTP-Tiny
+0.039 2013-11-27 19:48:29 America/New_York
+
+ [FIXED]
+
+ - Temporary file creating during mirror() is now opened with O_EXCL
+ for added security
+
0.038 2013-11-18 12:56:26 America/New_York
[FIXED]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/META.json new/HTTP-Tiny-0.039/META.json
--- old/HTTP-Tiny-0.038/META.json 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/META.json 2013-11-28 01:48:39.000000000 +0100
@@ -57,6 +57,7 @@
},
"requires" : {
"Carp" : "0",
+ "Fcntl" : "0",
"IO::Socket" : "0",
"MIME::Base64" : "0",
"Time::Local" : "0",
@@ -95,7 +96,7 @@
"provides" : {
"HTTP::Tiny" : {
"file" : "lib/HTTP/Tiny.pm",
- "version" : "0.038"
+ "version" : "0.039"
}
},
"release_status" : "stable",
@@ -110,7 +111,7 @@
"web" : "https://github.com/chansen/p5-http-tiny"
}
},
- "version" : "0.038",
+ "version" : "0.039",
"x_authority" : "cpan:DAGOLDEN",
"x_contributors" : [
"Alan Gardner ",
@@ -126,6 +127,7 @@
"Lukas Eklund ",
"Martin-Louis Bright ",
"Mike Doherty ",
+ "Petr P\u00edsa\u0159 ",
"Serguei Trouchelle ",
"Syohei YOSHIDA ",
"Tony Cook "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/META.yml new/HTTP-Tiny-0.039/META.yml
--- old/HTTP-Tiny-0.038/META.yml 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/META.yml 2013-11-28 01:48:39.000000000 +0100
@@ -38,7 +38,7 @@
provides:
HTTP::Tiny:
file: lib/HTTP/Tiny.pm
- version: 0.038
+ version: 0.039
recommends:
HTTP::CookieJar: 0.001
IO::Socket::SSL: 1.42
@@ -46,6 +46,7 @@
Net::SSLeay: 1.49
requires:
Carp: 0
+ Fcntl: 0
IO::Socket: 0
MIME::Base64: 0
Time::Local: 0
@@ -57,7 +58,7 @@
bugtracker: https://github.com/chansen/p5-http-tiny/issues
homepage: https://github.com/chansen/p5-http-tiny
repository: https://github.com/chansen/p5-http-tiny.git
-version: 0.038
+version: 0.039
x_authority: cpan:DAGOLDEN
x_contributors:
- 'Alan Gardner '
@@ -73,6 +74,7 @@
- 'Lukas Eklund '
- 'Martin-Louis Bright '
- 'Mike Doherty '
+ - 'Petr Písař '
- 'Serguei Trouchelle '
- 'Syohei YOSHIDA '
- 'Tony Cook '
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/Makefile.PL new/HTTP-Tiny-0.039/Makefile.PL
--- old/HTTP-Tiny-0.038/Makefile.PL 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/Makefile.PL 2013-11-28 01:48:39.000000000 +0100
@@ -21,6 +21,7 @@
"NAME" => "HTTP::Tiny",
"PREREQ_PM" => {
"Carp" => 0,
+ "Fcntl" => 0,
"IO::Socket" => 0,
"MIME::Base64" => 0,
"Time::Local" => 0,
@@ -44,7 +45,7 @@
"Test::More" => "0.96",
"open" => 0
},
- "VERSION" => "0.038",
+ "VERSION" => "0.039",
"test" => {
"TESTS" => "t/*.t"
}
@@ -56,6 +57,7 @@
"Data::Dumper" => 0,
"Exporter" => 0,
"ExtUtils::MakeMaker" => 0,
+ "Fcntl" => 0,
"File::Basename" => 0,
"File::Spec" => 0,
"File::Spec::Functions" => 0,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/README new/HTTP-Tiny-0.039/README
--- old/HTTP-Tiny-0.038/README 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/README 2013-11-28 01:48:39.000000000 +0100
@@ -2,7 +2,7 @@
HTTP::Tiny - A small, simple, correct HTTP/1.1 client
VERSION
- version 0.038
+ version 0.039
SYNOPSIS
use HTTP::Tiny;
@@ -442,6 +442,8 @@
* Mike Doherty
+ * Petr Písař
+
* Serguei Trouchelle
* Syohei YOSHIDA
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/cpanfile new/HTTP-Tiny-0.039/cpanfile
--- old/HTTP-Tiny-0.038/cpanfile 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/cpanfile 2013-11-28 01:48:39.000000000 +0100
@@ -1,4 +1,5 @@
requires "Carp" => "0";
+requires "Fcntl" => "0";
requires "IO::Socket" => "0";
requires "MIME::Base64" => "0";
requires "Time::Local" => "0";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/lib/HTTP/Tiny.pm new/HTTP-Tiny-0.039/lib/HTTP/Tiny.pm
--- old/HTTP-Tiny-0.038/lib/HTTP/Tiny.pm 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/lib/HTTP/Tiny.pm 2013-11-28 01:48:39.000000000 +0100
@@ -3,7 +3,7 @@
use strict;
use warnings;
# ABSTRACT: A small, simple, correct HTTP/1.1 client
-our $VERSION = '0.038'; # VERSION
+our $VERSION = '0.039'; # VERSION
use Carp ();
@@ -113,13 +113,16 @@
$args->{headers}{'if-modified-since'} ||= $self->_http_date($mtime);
}
my $tempfile = $file . int(rand(2**31));
- open my $fh, ">", $tempfile
- or Carp::croak(qq/Error: Could not open temporary file $tempfile for downloading: $!\n/);
+
+ require Fcntl;
+ sysopen my $fh, $tempfile, Fcntl::O_CREAT()|Fcntl::O_EXCL()|Fcntl::O_WRONLY()
+ or Carp::croak(qq/Error: Could not create temporary file $tempfile for downloading: $!\n/);
binmode $fh;
$args->{data_callback} = sub { print {$fh} $_[0] };
my $response = $self->request('GET', $url, $args);
close $fh
- or Carp::croak(qq/Error: Could not close temporary file $tempfile: $!\n/);
+ or Carp::croak(qq/Error: Caught error closing temporary file $tempfile: $!\n/);
+
if ( $response->{success} ) {
rename $tempfile, $file
or Carp::croak(qq/Error replacing $file with $tempfile: $!\n/);
@@ -1010,7 +1013,7 @@
=head1 VERSION
-version 0.038
+version 0.039
=head1 SYNOPSIS
@@ -1609,6 +1612,10 @@
=item *
+Petr Písař
+
+=item *
+
Serguei Trouchelle
=item *
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/t/00-report-prereqs.t new/HTTP-Tiny-0.039/t/00-report-prereqs.t
--- old/HTTP-Tiny-0.038/t/00-report-prereqs.t 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/t/00-report-prereqs.t 2013-11-28 01:48:39.000000000 +0100
@@ -18,6 +18,7 @@
Data::Dumper
Exporter
ExtUtils::MakeMaker
+ Fcntl
File::Basename
File::Spec
File::Spec::Functions
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/HTTP-Tiny-0.038/xt/author/pod-spell.t new/HTTP-Tiny-0.039/xt/author/pod-spell.t
--- old/HTTP-Tiny-0.038/xt/author/pod-spell.t 2013-11-18 18:56:36.000000000 +0100
+++ new/HTTP-Tiny-0.039/xt/author/pod-spell.t 2013-11-28 01:48:39.000000000 +0100
@@ -55,6 +55,9 @@
Mike
Doherty
doherty
+Petr
+Písař
+ppisar
Serguei
Trouchelle
stro
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org