[bibtool] 01/01: Implement explicit local load in the perl test module

To: debian-tex-maint@lists.debian.org
Subject: [bibtool] 01/01: Implement explicit local load in the perl test module
From: Jerome Benoit <calculus-guest@moszumanska.debian.org>
Date: Sun, 09 Oct 2016 02:13:59 +0000
Message-id: <[🔎] E1bt3cl-0000pW-6Y@moszumanska.debian.org>
Reply-to: Jerome Benoit <calculus@rezozer.net>
In-reply-to: <[🔎] 20161009021358.3047.18261@moszumanska.debian.org>
References: <[🔎] 20161009021358.3047.18261@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

calculus-guest pushed a commit to branch master
in repository bibtool.

commit 774411694435ddf1ee5d6bfb6a0dba94ebd058a6
Author: Jerome Benoit <calculus@rezozer.net>
Date:   Sun Oct 9 03:11:50 2016 +0100

    Implement explicit local load in the perl test module
---
 debian/changelog                                             |  9 +++++++++
 debian/patches/series                                        |  1 +
 .../patches/upstream-test-security-local_load-explicit.patch | 12 ++++++++++++
 3 files changed, 22 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 9bd25a4..dc29df6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+bibtool (2.65+ds-2) unstable; urgency=medium
+
+  * Debianization:
+    - debian/patches/
+      - d/p/upstream-test-security-local_load-explicit.patch, introduce and
+        submitted.
+
+ -- Jerome Benoit <calculus@rezozer.net>  Sun, 09 Oct 2016 02:06:44 +0000
+
 bibtool (2.65+ds-1) unstable; urgency=medium
 
   * New upstream version (Closes: #827102):
diff --git a/debian/patches/series b/debian/patches/series
index 5d1d294..da92af2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
+upstream-test-security-local_load-explicit.patch
 upstream-Changes_tex-date_setup.patch
 cleanup-upstream.patch
 rationalization-upstream-doc.patch
diff --git a/debian/patches/upstream-test-security-local_load-explicit.patch b/debian/patches/upstream-test-security-local_load-explicit.patch
new file mode 100644
index 0000000..06273fd
--- /dev/null
+++ b/debian/patches/upstream-test-security-local_load-explicit.patch
@@ -0,0 +1,12 @@
+implement explicit local load in test perl script as '.' has been removed from @INC (CVE-2016-1238)
+--- a/test/lib/BUnit.pm
++++ b/test/lib/BUnit.pm
+@@ -277,7 +277,7 @@
+     $suite   = $_;
+     $suite   =~ s/\.t$//;
+ 
+-    my $ret = do "$_";
++    my $ret = do "./$_";
+     unless($ret) {
+       if ($@) {                   warn "couldn't parse $_: $@\n"
+       } elsif(not defined $ret) { warn "couldn't do $_: $!\n"

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-tex/bibtool.git

Reply to:

References:
- [bibtool] branch master updated (41f13da -> 7744116)
  - From: Jerome Benoit <calculus-guest@moszumanska.debian.org>

Prev by Date: Latest upgrade of texlive-lang-arabic leads to error
Next by Date: [bibtool] branch master updated (41f13da -> 7744116)
Previous by thread: [bibtool] branch master updated (41f13da -> 7744116)
Next by thread: [bibtool] annotated tag debian/2.65+ds-2 created (now 7ad7ff7)
Index(es):
- Date
- Thread