87994ee345
Includes a fix for CVE 2011-4114. Upstream changes: [Changes for 1.005 - Dec 2, 2011] - run all tests using a nonce PAR_TMPDIR (otherwise CPAN Testers goes crazy as top level /tmp/par-USER directories (or similar) from previous tests may now be considered "unsafe") [Changes for 1.004 - Nov 30, 2011] - back out r1241: it causes errors in PAR::Packer's test suite - change "unsafe directory" error message to match the wording used by PAR::Packer - remove "debian" sub directory: it isn't released to CPAN and Debian will supply its own anyway - remove some cruft from MANIFEST.SKIP [Changes for 1.003 - Nov 28, 2011] - RT #69560/CVE-2011-4114: PAR packed files are extracted to unsafe and predictable temporary directories (Note: this bug was originally reported against PAR::Packer, but it applies to PAR as well) - create parent of cache directory (i.e. /tmp/par-USER) with mode 0700 - if it already exists, make sure that (and bail out if not) - it's not a symlink - it's mode 0700 - it's owned by USER - Fix a problem packing XML::LibXSLT on Windows (see the thread starting with http://www.nntp.perl.org/group/perl.par/2011/02/msg4919.html) - Die (with a hopefully useful message) if any error is encountered during an Archive::Zip extract operation
5 lines
229 B
Text
5 lines
229 B
Text
$NetBSD: distinfo,v 1.7 2011/12/04 20:52:25 gls Exp $
|
|
|
|
SHA1 (PAR-1.005.tar.gz) = 2d9c1ff3a243607374e3f9f1fb61c3d1bb4d8dc1
|
|
RMD160 (PAR-1.005.tar.gz) = 4dd6ae986d65d64ad5740fe75e5e030d1811faca
|
|
Size (PAR-1.005.tar.gz) = 88293 bytes
|