Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 11 Aug 2016 13:32:05 +0000 (UTC)
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r420067 - in head/lang: perl5.18 perl5.18/files perl5.20 perl5.20/files perl5.22 perl5.22/files perl5.24 perl5.24/files
Message-ID:  <201608111332.u7BDW5pH011147@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mat
Date: Thu Aug 11 13:32:05 2016
New Revision: 420067
URL: https://svnweb.freebsd.org/changeset/ports/420067

Log:
  Update lang/perl5.* to fix CVE-2016-1238.
  
  We're exceptionnaly using the latest release candidates for this, Perl
  5.22.3 and 5.24.1 were about to be released when CVE-2016-1238 hit the
  fan, so we feel confident that EVERYTHING WILL BE FINE.
  
  - lang/perl5.24 goes to 5.24.1-RC2.
  - lang/perl5.22 goes to 5.22.3-RC2.
  - lang/perl5.20 goes to 5.20.3_14.
  - lang/perl5.18 goes to 5.18.3_23
  
  PR:		211561
  Reported by:	Sevan Janiyan
  MFH:		2016Q3
  Security:	CVE-2016-1238
  Sponsored by:	Absolight

Added:
  head/lang/perl5.18/files/patch-CVE-2016-1238   (contents, props changed)
  head/lang/perl5.20/files/patch-CVE-2016-1238   (contents, props changed)
Modified:
  head/lang/perl5.18/Makefile   (contents, props changed)
  head/lang/perl5.20/Makefile   (contents, props changed)
  head/lang/perl5.22/Makefile   (contents, props changed)
  head/lang/perl5.22/distinfo   (contents, props changed)
  head/lang/perl5.22/files/patch-cpan_Pod-Perldoc_lib_Pod_Perldoc.pm   (contents, props changed)
  head/lang/perl5.22/files/patch-t_porting_customized.dat   (contents, props changed)
  head/lang/perl5.22/pkg-plist   (contents, props changed)
  head/lang/perl5.22/version.mk
  head/lang/perl5.24/Makefile   (contents, props changed)
  head/lang/perl5.24/distinfo   (contents, props changed)
  head/lang/perl5.24/files/patch-cpan_Pod-Perldoc_lib_Pod_Perldoc.pm   (contents, props changed)
  head/lang/perl5.24/files/patch-t_porting_customized.dat   (contents, props changed)
  head/lang/perl5.24/pkg-plist   (contents, props changed)
  head/lang/perl5.24/version.mk

Modified: head/lang/perl5.18/Makefile
==============================================================================
--- head/lang/perl5.18/Makefile	Thu Aug 11 13:05:58 2016	(r420066)
+++ head/lang/perl5.18/Makefile	Thu Aug 11 13:32:05 2016	(r420067)
@@ -3,7 +3,7 @@
 
 PORTNAME=	perl
 PORTVERSION=	${PERL_VERSION}
-PORTREVISION=	22
+PORTREVISION=	23
 CATEGORIES=	lang devel perl5
 MASTER_SITES=	CPAN/../../src/5.0
 DIST_SUBDIR=	perl

Added: head/lang/perl5.18/files/patch-CVE-2016-1238
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/perl5.18/files/patch-CVE-2016-1238	Thu Aug 11 13:32:05 2016	(r420067)
@@ -0,0 +1,706 @@
+--- cpan/Archive-Tar/bin/ptar
++++ cpan/Archive-Tar/bin/ptar
+@@ -1,6 +1,7 @@
+ #!/usr/bin/perl
+ use strict;
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use File::Find;
+ use Getopt::Std;
+ use Archive::Tar;
+--- cpan/Archive-Tar/bin/ptardiff
++++ cpan/Archive-Tar/bin/ptardiff
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Archive::Tar;
+ use Getopt::Std;
+--- cpan/Archive-Tar/bin/ptargrep
++++ cpan/Archive-Tar/bin/ptargrep
+@@ -4,6 +4,7 @@
+ # archive.  See 'ptargrep --help' for more documentation.
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ 
+--- cpan/CPAN/scripts/cpan
++++ cpan/CPAN/scripts/cpan
+@@ -1,5 +1,6 @@
+ #!/usr/local/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use vars qw($VERSION);
+ 
+--- cpan/Digest-SHA/shasum
++++ cpan/Digest-SHA/shasum
+@@ -13,6 +13,7 @@
+ 	## "-0" option for reading bit strings, and
+ 	## "-p" option for portable digests (to be deprecated).
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ use Fcntl;
+--- cpan/Encode/bin/enc2xs
++++ cpan/Encode/bin/enc2xs
+@@ -4,6 +4,7 @@ BEGIN {
+     # with $ENV{PERL_CORE} set
+     # In case we need it in future...
+     require Config; import Config;
++    pop @INC if $INC[-1] eq '.';
+ }
+ use strict;
+ use warnings;
+--- cpan/Encode/bin/piconv
++++ cpan/Encode/bin/piconv
+@@ -1,6 +1,7 @@
+ #!./perl
+ # $Id: piconv,v 2.7 2014/05/31 09:48:48 dankogai Exp $
+ #
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use 5.8.0;
+ use strict;
+ use Encode ;
+--- cpan/Encode/bin/ucmlint
++++ cpan/Encode/bin/ucmlint
+@@ -3,6 +3,7 @@
+ # $Id: ucmlint,v 2.2 2008/03/12 09:51:11 dankogai Exp $
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ our  $VERSION = do { my @r = (q$Revision: 2.2 $ =~ /\d+/g); sprintf "%d."."%02d" x $#r, @r };
+ 
+--- cpan/Encode/bin/unidump
++++ cpan/Encode/bin/unidump
+@@ -1,5 +1,6 @@
+ #!./perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Encode;
+ use Getopt::Std;
+--- cpan/ExtUtils-MakeMaker/bin/instmodsh
++++ cpan/ExtUtils-MakeMaker/bin/instmodsh
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl -w
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use IO::File;
+ use ExtUtils::Packlist;
+--- cpan/IO-Compress/bin/zipdetails
++++ cpan/IO-Compress/bin/zipdetails
+@@ -5,6 +5,7 @@
+ # Display info on the contents of a Zip file
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings ;
+ 
+--- cpan/JSON-PP/bin/json_pp
++++ cpan/JSON-PP/bin/json_pp
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Getopt::Long;
+ 
+--- cpan/Test-Harness/bin/prove
++++ cpan/Test-Harness/bin/prove
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl -w
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ use App::Prove;
+--- dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp
++++ dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp
+@@ -1,5 +1,6 @@
+ #!perl
+ use 5.006;
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ eval {
+   require ExtUtils::ParseXS;
+--- dist/Module-CoreList/corelist
++++ dist/Module-CoreList/corelist
+@@ -130,6 +130,7 @@ requested perl versions.
+ 
+ =cut
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Module::CoreList;
+ use Getopt::Long qw(:config no_ignore_case);
+ use Pod::Usage;
+--- ext/Pod-Html/bin/pod2html
++++ ext/Pod-Html/bin/pod2html
+@@ -216,6 +216,7 @@ This program is distributed under the Artistic License.
+ 
+ =cut
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Pod::Html;
+ 
+ pod2html @ARGV;
+--- utils/c2ph.PL
++++ utils/c2ph.PL
+@@ -280,6 +280,7 @@ Anyway, here it is.  Should run on perl v4 or greater.  Maybe less.
+ 
+ $RCSID = '$Id: c2ph,v 1.7 95/10/28 10:41:47 tchrist Exp Locker: tchrist $';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use File::Temp;
+ 
+ ######################################################################
+--- utils/h2ph.PL
++++ utils/h2ph.PL
+@@ -36,6 +36,8 @@ $Config{startperl}
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ use strict;
+ 
+ use Config;
+--- utils/h2xs.PL
++++ utils/h2xs.PL
+@@ -35,6 +35,8 @@ $Config{startperl}
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ use warnings;
+ 
+ =head1 NAME
+--- utils/libnetcfg.PL
++++ utils/libnetcfg.PL
+@@ -97,6 +97,7 @@ Jarkko Hietaniemi, conversion into libnetcfg for inclusion into Perl 5.8.
+ 
+ # $Id: Configure,v 1.8 1997/03/04 09:22:32 gbarr Exp $
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use IO::File;
+ use Getopt::Std;
+--- utils/perlbug.PL
++++ utils/perlbug.PL
+@@ -57,6 +57,7 @@ print OUT <<'!NO!SUBS!';
+ my @patches = Config::local_patches();
+ my $patch_tags = join "", map /(\S+)/ ? "+$1 " : (), @patches;
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use warnings;
+ use strict;
+ use Config;
+--- utils/perldoc.PL
++++ utils/perldoc.PL
+@@ -44,7 +44,10 @@ $Config{startperl}
+ # This "$file" file was generated by "$0"
+ 
+ require 5;
+-BEGIN { \$^W = 1 if \$ENV{'PERLDOCDEBUG'} }
++BEGIN {
++    \$^W = 1 if \$ENV{'PERLDOCDEBUG'};
++    pop \@INC if \$INC[-1] eq '.';
++}
+ use Pod::Perldoc;
+ exit( Pod::Perldoc->run() );
+ 
+--- utils/perlivp.PL
++++ utils/perlivp.PL
+@@ -39,6 +39,8 @@ print OUT "\n# perlivp $^V\n";
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ sub usage {
+     warn "@_\n" if @_;
+     print << "    EOUSAGE";
+--- utils/splain.PL
++++ utils/splain.PL
+@@ -38,6 +38,12 @@ $Config{startperl}
+ 	if \$running_under_some_shell;
+ !GROK!THIS!
+ 
++print <<'!NO!SUBS!';
++
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
++!NO!SUBS!
++
+ while (<IN>) {
+     print OUT unless /^package diagnostics/;
+ }
+--- lib/perl5db.pl
++++ lib/perl5db.pl
+@@ -1938,7 +1938,10 @@ sub _DB__handle_y_command {
+         = $obj->cmd_args =~ /\A(?:(\d*)\s*(.*))?\z/) {
+ 
+         # See if we've got the necessary support.
+-        if (!eval { require PadWalker; PadWalker->VERSION(0.08) }) {
++        if (!eval {
++            local @INC = @INC;
++            pop @INC if $INC[-1] eq '.';
++            require PadWalker; PadWalker->VERSION(0.08) }) {
+             my $Err = $@;
+             _db_warn(
+                 $Err =~ /locate/
+@@ -9420,7 +9423,10 @@ if PadWalker could be loaded.
+ 
+ =cut
+ 
+-        if (not $text =~ /::/ and eval { require PadWalker } ) {
++        if (not $text =~ /::/ and eval {
++            local @INC = @INC;
++            pop @INC if $INC[-1] eq '.';
++            require PadWalker } ) {
+             my $level = 1;
+             while (1) {
+                 my @info = caller($level);
+--- cpan/Test/lib/Test.pm
++++ cpan/Test/lib/Test.pm
+@@ -480,7 +480,12 @@ sub _diff_complain {
+     my($result, $expected, $detail, $prefix) = @_;
+     return _diff_complain_external(@_) if $ENV{PERL_TEST_DIFF};
+     return _diff_complain_algdiff(@_)
+-     if eval { require Algorithm::Diff; Algorithm::Diff->VERSION(1.15); 1; };
++      if eval {
++          local @INC = @INC;
++          pop @INC if $INC[-1] eq '.';
++          require Algorithm::Diff; Algorithm::Diff->VERSION(1.15);
++          1;
++      };
+ 
+     $told_about_diff++ or print $TESTERR <<"EOT";
+ # $prefix   (Install the Algorithm::Diff module to have differences in multiline
+--- dist/I18N-LangTags/lib/I18N/LangTags/Detect.pm
++++ dist/I18N-LangTags/lib/I18N/LangTags/Detect.pm
+@@ -145,6 +145,8 @@ sub _try_use {   # Basically a wrapper around "require Modulename"
+   print " About to use $module ...\n" if DEBUG;
+   {
+     local $SIG{'__DIE__'};
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     eval "require $module"; # used to be "use $module", but no point in that.
+   }
+   if($@) {
+--- dist/IO/IO.pm
++++ dist/IO/IO.pm
+@@ -18,6 +18,8 @@ sub import {
+     
+     my @l = @_ ? @_ : qw(Handle Seekable File Pipe Socket Dir);
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     eval join("", map { "require IO::" . (/(\w+)/)[0] . ";\n" } @l)
+ 	or croak $@;
+ }
+--- dist/Locale-Maketext/lib/Locale/Maketext.pm
++++ dist/Locale-Maketext/lib/Locale/Maketext.pm
+@@ -449,6 +449,8 @@ sub _try_use {   # Basically a wrapper around "require Modulename"
+ 
+     local $SIG{'__DIE__'};
+     local $@;
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     eval "require $module"; # used to be "use $module", but no point in that.
+ 
+     if($@) {
+--- dist/Net-Ping/lib/Net/Ping.pm
++++ dist/Net-Ping/lib/Net/Ping.pm
+@@ -410,7 +410,11 @@ sub ping_external {
+       $timeout            # Seconds after which ping times out
+      ) = @_;
+ 
+-  eval { require Net::Ping::External; }
++  eval {
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
++    require Net::Ping::External;
++  }
+     or croak('Protocol "external" not supported on your system: Net::Ping::External not found');
+   return Net::Ping::External::ping(ip => $ip, timeout => $timeout);
+ }
+--- dist/Storable/Storable.pm
++++ dist/Storable/Storable.pm
+@@ -25,7 +25,13 @@ use vars qw($canonical $forgive_me $VERSION);
+ $VERSION = '2.53_01';
+ 
+ BEGIN {
+-    if (eval { local $SIG{__DIE__}; require Log::Agent; 1 }) {
++    if (eval {
++        local $SIG{__DIE__};
++        local @INC = @INC;
++        pop @INC if $INC[-1] eq '.';
++        require Log::Agent;
++        1;
++    }) {
+         Log::Agent->import;
+     }
+     #
+--- dist/base/lib/base.pm
++++ dist/base/lib/base.pm
+@@ -78,7 +78,11 @@ sub import {
+             my $sigdie;
+             {
+                 local $SIG{__DIE__};
+-                eval "require $base";
++                do {
++                    local @INC = @INC;
++                    pop @INC if $INC[-1] eq '.';
++                    eval "require $base";
++                };
+                 # Only ignore "Can't locate" errors from our eval require.
+                 # Other fatal errors (syntax etc) must be reported.
+                 die if $@ && $@ !~ /^Can't locate .*? at \(eval /;
+--- cpan/CPAN/lib/App/Cpan.pm
++++ cpan/CPAN/lib/App/Cpan.pm
+@@ -530,9 +530,20 @@ sub AUTOLOAD { 1 }
+ sub DESTROY { 1 }
+ }
+ 
++# load a module without searching the default entry for the current
++# directory
++sub _safe_load_module {
++  my $name = shift;
++
++  local @INC = @INC;
++  pop @INC if $INC[-1] eq '.';
++
++  eval "require $name; 1";
++}
++
+ sub _init_logger
+ 	{
+-	my $log4perl_loaded = eval "require Log::Log4perl; 1";
++	my $log4perl_loaded = _safe_load_module("Log::Log4perl");
+ 
+     unless( $log4perl_loaded )
+         {
+@@ -993,7 +1004,7 @@ sub _load_local_lib # -I
+ 	{
+ 	$logger->debug( "Loading local::lib" );
+ 
+-	my $rc = eval { require local::lib; 1; };
++	my $rc = _safe_load_module("local::lib");
+ 	unless( $rc ) {
+ 		$logger->die( "Could not load local::lib" );
+ 		}
+@@ -1121,7 +1132,7 @@ sub _get_file
+ 	{
+ 	my $path = shift;
+ 
+-	my $loaded = eval "require LWP::Simple; 1;";
++	my $loaded = _safe_load_module("LWP::Simple");
+ 	croak "You need LWP::Simple to use features that fetch files from CPAN\n"
+ 		unless $loaded;
+ 
+@@ -1143,7 +1154,7 @@ sub _gitify
+ 	{
+ 	my $args = shift;
+ 
+-	my $loaded = eval "require Archive::Extract; 1;";
++	my $loaded = _safe_load_module("Archive::Extract");
+ 	croak "You need Archive::Extract to use features that gitify distributions\n"
+ 		unless $loaded;
+ 
+@@ -1207,7 +1218,7 @@ sub _show_Changes
+ sub _get_changes_file
+ 	{
+ 	croak "Reading Changes files requires LWP::Simple and URI\n"
+-		unless eval "require LWP::Simple; require URI; 1";
++		unless _safe_load_module("LWP::Simple") && _safe_load_module("URI");
+ 
+     my $url = shift;
+ 
+--- cpan/CPAN/lib/CPAN.pm
++++ cpan/CPAN/lib/CPAN.pm
+@@ -1104,6 +1104,8 @@ sub has_usable {
+                                ]
+               };
+     if ($usable->{$mod}) {
++        local @INC = @INC;
++        pop @INC if $INC[-1] eq '.';
+         for my $c (0..$#{$usable->{$mod}}) {
+             my $code = $usable->{$mod}[$c];
+             my $ret = eval { &$code() };
+@@ -1146,6 +1148,8 @@ sub has_inst {
+       $CPAN::META->{dontload_hash}{$mod}||=1; # unsafe meta access, ok
+       return 0;
+     }
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     my $file = $mod;
+     my $obj;
+     $file =~ s|::|/|g;
+--- cpan/Digest/Digest.pm
++++ cpan/Digest/Digest.pm
+@@ -38,7 +38,11 @@ sub new
+         unless (exists ${"$class\::"}{"VERSION"}) {
+             my $pm_file = $class . ".pm";
+             $pm_file =~ s{::}{/}g;
+-            eval { require $pm_file };
++            eval {
++                local @INC = @INC;
++                pop @INC if $INC[-1] eq '.';
++                require $pm_file
++	    };
+             if ($@) {
+                 $err ||= $@;
+                 next;
+--- cpan/Encode/Encode.pm
++++ cpan/Encode/Encode.pm
+@@ -56,6 +56,8 @@ require Encode::Config;
+ eval {
+     local $SIG{__DIE__};
+     local $SIG{__WARN__};
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     require Encode::ConfigLocal;
+ };
+ 
+--- dist/ExtUtils-Command/lib/ExtUtils/Command.pm
++++ dist/ExtUtils-Command/lib/ExtUtils/Command.pm
+@@ -19,7 +19,10 @@ if( $Is_VMS ) {
+     my $vms_efs;
+     my $vms_case;
+ 
+-    if (eval { local $SIG{__DIE__}; require VMS::Feature; }) {
++    if (eval { local $SIG{__DIE__};
++               local @INC = @INC;
++               pop @INC if $INC[-1] eq '.';
++               require VMS::Feature; }) {
+         $vms_unix_rpt = VMS::Feature::current("filename_unix_report");
+         $vms_efs = VMS::Feature::current("efs_charset");
+         $vms_case = VMS::Feature::current("efs_case_preserve");
+--- cpan/File-Fetch/lib/File/Fetch.pm
++++ cpan/File-Fetch/lib/File/Fetch.pm
+@@ -567,6 +567,8 @@ sub _lwp_fetch {
+ 
+     };
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     unless( can_load( modules => $use_list ) ) {
+         $METHOD_FAIL->{'lwp'} = 1;
+         return;
+@@ -619,6 +621,8 @@ sub _httptiny_fetch {
+ 
+     };
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     unless( can_load(modules => $use_list) ) {
+         $METHOD_FAIL->{'httptiny'} = 1;
+         return;
+@@ -658,6 +662,8 @@ sub _httplite_fetch {
+ 
+     };
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     unless( can_load(modules => $use_list) ) {
+         $METHOD_FAIL->{'httplite'} = 1;
+         return;
+@@ -733,6 +739,8 @@ sub _iosock_fetch {
+         'IO::Select'       => '0.0',
+     };
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     unless( can_load(modules => $use_list) ) {
+         $METHOD_FAIL->{'iosock'} = 1;
+         return;
+@@ -814,6 +822,8 @@ sub _netftp_fetch {
+     check( $tmpl, \%hash ) or return;
+ 
+     ### required modules ###
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     my $use_list = { 'Net::FTP' => 0 };
+ 
+     unless( can_load( modules => $use_list ) ) {
+--- cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
++++ cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+@@ -1392,6 +1392,8 @@ sub _find_CA_file {
+     return $self->{SSL_options}->{SSL_ca_file}
+         if $self->{SSL_options}->{SSL_ca_file} and -e $self->{SSL_options}->{SSL_ca_file};
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     return Mozilla::CA::SSL_ca_file()
+         if eval { require Mozilla::CA };
+ 
+--- cpan/IO-Compress/lib/IO/Uncompress/AnyUncompress.pm
++++ cpan/IO-Compress/lib/IO/Uncompress/AnyUncompress.pm
+@@ -27,6 +27,8 @@ Exporter::export_ok_tags('all');
+ 
+ BEGIN
+ {
++   local @INC = @INC;
++   pop @INC if $INC[-1] eq '.';
+    eval ' use IO::Uncompress::Adapter::Inflate 2.060 ;';
+    eval ' use IO::Uncompress::Adapter::Bunzip2 2.060 ;';
+    eval ' use IO::Uncompress::Adapter::LZO 2.060 ;';
+--- cpan/IPC-Cmd/lib/IPC/Cmd.pm
++++ cpan/IPC-Cmd/lib/IPC/Cmd.pm
+@@ -125,6 +125,8 @@ sub can_use_ipc_run     {
+     return if IS_WIN98;
+ 
+     ### if we dont have ipc::run, we obviously can't use it.
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     return unless can_load(
+                         modules => { 'IPC::Run' => '0.55' },
+                         verbose => ($WARN && $verbose),
+@@ -169,6 +171,8 @@ sub can_use_ipc_open3   {
+ 
+     ### IPC::Open3 works on every non-VMS platform, but it can't
+     ### capture buffers on win32 :(
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     return unless can_load(
+         modules => { map {$_ => '0.0'} qw|IPC::Open3 IO::Select Symbol| },
+         verbose => ($WARN && $verbose),
+--- cpan/Locale-Maketext-Simple/lib/Locale/Maketext/Simple.pm
++++ cpan/Locale-Maketext-Simple/lib/Locale/Maketext/Simple.pm
+@@ -134,7 +134,12 @@ sub load_loc {
+     my $pkg = join('::', grep { defined and length } $args{Class}, $args{Subclass});
+     return $Loc{$pkg} if exists $Loc{$pkg};
+ 
+-    eval { require Locale::Maketext::Lexicon; 1 }   or return;
++    eval {
++        local @INC = @INC;
++        pop @INC if $INC[-1] eq '.';
++        require Locale::Maketext::Lexicon;
++        1
++    } or return;
+     $Locale::Maketext::Lexicon::VERSION > 0.20	    or return;
+     eval { require File::Spec; 1 }		    or return;
+ 
+--- cpan/Memoize/Memoize.pm
++++ cpan/Memoize/Memoize.pm
+@@ -184,7 +184,11 @@ sub _my_tie {
+   }
+   my $modulefile = $module . '.pm';
+   $modulefile =~ s{::}{/}g;
+-  eval { require $modulefile };
++  eval {
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
++    require $modulefile
++  };
+   if ($@) {
+     croak "Memoize: Couldn't load hash tie module `$module': $@; aborting";
+   }
+--- cpan/Pod-Perldoc/lib/Pod/Perldoc.pm
++++ cpan/Pod-Perldoc/lib/Pod/Perldoc.pm
+@@ -573,6 +573,9 @@ sub find_good_formatter_class {
+   my @class_list = @{ $self->{'formatter_classes'} || [] };
+   $self->die( "WHAT?  Nothing in the formatter class list!?" ) unless @class_list;
+ 
++  local @INC = @INC;
++  pop @INC if $INC[-1] eq '.';
++
+   my $good_class_found;
+   foreach my $c (@class_list) {
+     DEBUG > 4 and print "Trying to load $c...\n";
+@@ -1004,6 +1007,8 @@ sub new_translator { # $tr = $self->new_translator($lang);
+     my $self = shift;
+     my $lang = shift;
+ 
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     my $pack = 'POD2::' . uc($lang);
+     eval "require $pack";
+     if ( !$@ && $pack->can('new') ) {
+--- cpan/Sys-Syslog/Syslog.pm
++++ cpan/Sys-Syslog/Syslog.pm
+@@ -888,6 +888,8 @@ sub silent_eval (&) {
+ sub can_load {
+     my ($module, $verbose) = @_;
+     local($SIG{__DIE__}, $SIG{__WARN__}, $@);
++    local @INC = @INC;
++    pop @INC if $INC[-1] eq '.';
+     my $loaded = eval "use $module; 1";
+     warn $@ if not $loaded and $verbose;
+     return $loaded
+--- cpan/libnet/Net/Config.pm
++++ cpan/libnet/Net/Config.pm
+@@ -23,7 +23,12 @@ our $VERSION = "3.05";
+ 
+ our($CONFIGURE, $LIBNET_CFG);
+ 
+-eval { local $SIG{__DIE__}; require Net::LocalCfg };
++eval {
++  local @INC = @INC;
++  pop @INC if $INC[-1] eq '.';
++  local $SIG{__DIE__};
++  require Net::LocalCfg;
++};
+ 
+ our %NetConfig = (
+   nntp_hosts      => [],
+--- dist/bignum/lib/bigint.pm.orig	Sat Dec 27 03:49:23 2014
++++ dist/bignum/lib/bigint.pm	Sat Jul 23 21:29:44 2016
+@@ -248,6 +248,8 @@ sub import 
+     # see if we can find Math::BigInt::Lite
+     if (!defined $a && !defined $p)		# rounding won't work to well
+       {
++      local @INC = @INC;
++      pop @INC if $INC[-1] eq '.';
+       eval 'require Math::BigInt::Lite;';
+       if ($@ eq '')
+         {
+--- dist/bignum/lib/bignum.pm.orig	Sat Dec 27 03:49:23 2014
++++ dist/bignum/lib/bignum.pm	Sat Jul 23 21:29:52 2016
+@@ -155,6 +155,8 @@ sub import 
+     # see if we can find Math::BigInt::Lite
+     if (!defined $a && !defined $p)		# rounding won't work to well
+       {
++      local @INC = @INC;
++      pop @INC if $INC[-1] eq '.';
+       eval 'require Math::BigInt::Lite;';
+       if ($@ eq '')
+         {
+--- dist/bignum/lib/bigrat.pm.orig	Sat Dec 27 03:49:23 2014
++++ dist/bignum/lib/bigrat.pm	Sat Jul 23 21:29:59 2016
+@@ -148,6 +148,8 @@ sub import 
+     # see if we can find Math::BigInt::Lite
+     if (!defined $a && !defined $p)             # rounding won't work to well
+       {
++      local @INC = @INC;
++      pop @INC if $INC[-1] eq '.';
+       eval 'require Math::BigInt::Lite;';
+       if ($@ eq '')
+         {
+--- x2p/s2p.PL.orig	Sat Jul 23 07:07:58 2016
++++ x2p/s2p.PL	Sat Jul 23 07:10:09 2016
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Config;
+ use File::Basename qw(&basename &dirname);
+ use Cwd;
+--- x2p/find2perl.PL.orig	Sat Jul 23 07:08:21 2016
++++ x2p/find2perl.PL	Sat Jul 23 07:10:15 2016
+@@ -1,5 +1,6 @@
+ #!/usr/local/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Config;
+ use File::Basename qw(&basename &dirname);
+ use Cwd;

Modified: head/lang/perl5.20/Makefile
==============================================================================
--- head/lang/perl5.20/Makefile	Thu Aug 11 13:05:58 2016	(r420066)
+++ head/lang/perl5.20/Makefile	Thu Aug 11 13:32:05 2016	(r420067)
@@ -3,7 +3,7 @@
 
 PORTNAME=	perl
 PORTVERSION=	${PERL_VERSION}
-PORTREVISION=	13
+PORTREVISION=	14
 CATEGORIES=	lang devel perl5
 MASTER_SITES=	CPAN/../../src/5.0
 DIST_SUBDIR=	perl

Added: head/lang/perl5.20/files/patch-CVE-2016-1238
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/lang/perl5.20/files/patch-CVE-2016-1238	Thu Aug 11 13:32:05 2016	(r420067)
@@ -0,0 +1,794 @@
+--- cpan/Archive-Tar/bin/ptar
++++ cpan/Archive-Tar/bin/ptar
+@@ -1,6 +1,7 @@
+ #!/usr/bin/perl
+ use strict;
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use File::Find;
+ use Getopt::Std;
+ use Archive::Tar;
+--- cpan/Archive-Tar/bin/ptardiff
++++ cpan/Archive-Tar/bin/ptardiff
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Archive::Tar;
+ use Getopt::Std;
+--- cpan/Archive-Tar/bin/ptargrep
++++ cpan/Archive-Tar/bin/ptargrep
+@@ -4,6 +4,7 @@
+ # archive.  See 'ptargrep --help' for more documentation.
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ 
+--- cpan/CPAN/scripts/cpan
++++ cpan/CPAN/scripts/cpan
+@@ -1,5 +1,6 @@
+ #!/usr/local/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use vars qw($VERSION);
+ 
+--- cpan/Digest-SHA/shasum
++++ cpan/Digest-SHA/shasum
+@@ -13,6 +13,7 @@
+ 	## "-0" option for reading bit strings, and
+ 	## "-p" option for portable digests (to be deprecated).
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ use Fcntl;
+--- cpan/Encode/bin/enc2xs
++++ cpan/Encode/bin/enc2xs
+@@ -4,6 +4,7 @@ BEGIN {
+     # with $ENV{PERL_CORE} set
+     # In case we need it in future...
+     require Config; import Config;
++    pop @INC if $INC[-1] eq '.';
+ }
+ use strict;
+ use warnings;
+--- cpan/Encode/bin/piconv
++++ cpan/Encode/bin/piconv
+@@ -1,6 +1,7 @@
+ #!./perl
+ # $Id: piconv,v 2.7 2014/05/31 09:48:48 dankogai Exp $
+ #
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use 5.8.0;
+ use strict;
+ use Encode ;
+--- cpan/Encode/bin/ucmlint
++++ cpan/Encode/bin/ucmlint
+@@ -3,6 +3,7 @@
+ # $Id: ucmlint,v 2.2 2008/03/12 09:51:11 dankogai Exp $
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ our  $VERSION = do { my @r = (q$Revision: 2.2 $ =~ /\d+/g); sprintf "%d."."%02d" x $#r, @r };
+ 
+--- cpan/Encode/bin/unidump
++++ cpan/Encode/bin/unidump
+@@ -1,5 +1,6 @@
+ #!./perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Encode;
+ use Getopt::Std;
+--- cpan/ExtUtils-MakeMaker/bin/instmodsh
++++ cpan/ExtUtils-MakeMaker/bin/instmodsh
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl -w
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use IO::File;
+ use ExtUtils::Packlist;
+--- cpan/IO-Compress/bin/zipdetails
++++ cpan/IO-Compress/bin/zipdetails
+@@ -5,6 +5,7 @@
+ # Display info on the contents of a Zip file
+ #
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings ;
+ 
+--- cpan/JSON-PP/bin/json_pp
++++ cpan/JSON-PP/bin/json_pp
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use Getopt::Long;
+ 
+--- cpan/Test-Harness/bin/prove
++++ cpan/Test-Harness/bin/prove
+@@ -1,5 +1,6 @@
+ #!/usr/bin/perl -w
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use warnings;
+ use App::Prove;
+--- dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp
++++ dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp
+@@ -1,5 +1,6 @@
+ #!perl
+ use 5.006;
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ eval {
+   require ExtUtils::ParseXS;
+--- dist/Module-CoreList/corelist
++++ dist/Module-CoreList/corelist
+@@ -130,6 +130,7 @@ requested perl versions.
+ 
+ =cut
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Module::CoreList;
+ use Getopt::Long qw(:config no_ignore_case);
+ use Pod::Usage;
+--- ext/Pod-Html/bin/pod2html
++++ ext/Pod-Html/bin/pod2html
+@@ -216,6 +216,7 @@ This program is distributed under the Artistic License.
+ 
+ =cut
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use Pod::Html;
+ 
+ pod2html @ARGV;
+--- utils/c2ph.PL
++++ utils/c2ph.PL
+@@ -280,6 +280,7 @@ Anyway, here it is.  Should run on perl v4 or greater.  Maybe less.
+ 
+ $RCSID = '$Id: c2ph,v 1.7 95/10/28 10:41:47 tchrist Exp Locker: tchrist $';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use File::Temp;
+ 
+ ######################################################################
+--- utils/h2ph.PL
++++ utils/h2ph.PL
+@@ -36,6 +36,8 @@ $Config{startperl}
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ use strict;
+ 
+ use Config;
+--- utils/h2xs.PL
++++ utils/h2xs.PL
+@@ -35,6 +35,8 @@ $Config{startperl}
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ use warnings;
+ 
+ =head1 NAME
+--- utils/libnetcfg.PL
++++ utils/libnetcfg.PL
+@@ -97,6 +97,7 @@ Jarkko Hietaniemi, conversion into libnetcfg for inclusion into Perl 5.8.
+ 
+ # $Id: Configure,v 1.8 1997/03/04 09:22:32 gbarr Exp $
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use strict;
+ use IO::File;
+ use Getopt::Std;
+--- utils/perlbug.PL
++++ utils/perlbug.PL
+@@ -57,6 +57,7 @@ print OUT <<'!NO!SUBS!';
+ my @patches = Config::local_patches();
+ my $patch_tags = join "", map /(\S+)/ ? "+$1 " : (), @patches;
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
+ use warnings;
+ use strict;
+ use Config;
+--- utils/perldoc.PL
++++ utils/perldoc.PL
+@@ -44,7 +44,10 @@ $Config{startperl}
+ # This "$file" file was generated by "$0"
+ 
+ require 5;
+-BEGIN { \$^W = 1 if \$ENV{'PERLDOCDEBUG'} }
++BEGIN {
++    \$^W = 1 if \$ENV{'PERLDOCDEBUG'};
++    pop \@INC if \$INC[-1] eq '.';
++}
+ use Pod::Perldoc;
+ exit( Pod::Perldoc->run() );
+ 
+--- utils/perlivp.PL
++++ utils/perlivp.PL
+@@ -39,6 +39,8 @@ print OUT "\n# perlivp $^V\n";
+ 
+ print OUT <<'!NO!SUBS!';
+ 
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
+ sub usage {
+     warn "@_\n" if @_;
+     print << "    EOUSAGE";
+--- utils/splain.PL
++++ utils/splain.PL
+@@ -38,6 +38,12 @@ $Config{startperl}
+ 	if \$running_under_some_shell;
+ !GROK!THIS!
+ 
++print <<'!NO!SUBS!';
++
++BEGIN { pop @INC if $INC[-1] eq '.' }
++
++!NO!SUBS!
++
+ while (<IN>) {
+     print OUT unless /^package diagnostics/;
+ }
+--- lib/perl5db.pl
++++ lib/perl5db.pl
+@@ -1938,7 +1938,10 @@ sub _DB__handle_y_command {
+         = $obj->cmd_args =~ /\A(?:(\d*)\s*(.*))?\z/) {
+ 
+         # See if we've got the necessary support.
+-        if (!eval { require PadWalker; PadWalker->VERSION(0.08) }) {
++        if (!eval {
++            local @INC = @INC;
++            pop @INC if $INC[-1] eq '.';
++            require PadWalker; PadWalker->VERSION(0.08) }) {
+             my $Err = $@;
+             _db_warn(
+                 $Err =~ /locate/
+@@ -9420,7 +9423,10 @@ if PadWalker could be loaded.
+ 
+ =cut
+ 
+-        if (not $text =~ /::/ and eval { require PadWalker } ) {
++        if (not $text =~ /::/ and eval {
++            local @INC = @INC;

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608111332.u7BDW5pH011147>