!115 [sync] PR-113: Fix CVE-2023-47100

From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic
Fix CVE-2023-47100
2023-12-11 14:03:56 +00:00 · 2023-12-11 21:07:37 +08:00 · 2023-12-11 02:33:15 +00:00 · 2023-12-08 17:02:01 +08:00 · 2023-11-27 12:36:51 +00:00 · 2023-11-27 19:47:56 +08:00
17 changed files with 956 additions and 67 deletions
--- a/backport-CVE-2021-36770.patch
+++ b/backport-CVE-2021-36770.patch
@ -0,0 +1,67 @@
+From 527e482dc70b035d0df4f8c77a00d81f8d775c74 Mon Sep 17 00:00:00 2001
+From: Dan Kogai <dankogai+github@gmail.com>
+Date: Mon, 9 Aug 2021 23:19:25 +0900
+Subject: [PATCH] version 3.12 to address CVE-2021-36770
+
+---
+ cpan/Encode/Encode.pm          | 8 ++++----
+ cpan/Encode/Unicode/Unicode.xs | 2 +-
+ cpan/Encode/t/Unicode.t        | 2 +-
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/cpan/Encode/Encode.pm b/cpan/Encode/Encode.pm
+index d3eb3c1..769439c 100644
+--- a/cpan/Encode/Encode.pm
+++ b/cpan/Encode/Encode.pm
+@@ -1,5 +1,5 @@
+ #
+-# $Id: Encode.pm,v 3.08 2020/12/02 01:27:44 dankogai Exp $
+# $Id: Encode.pm,v 3.12 2021/08/09 14:17:04 dankogai Exp dankogai $
+ #
+ package Encode;
+ use strict;
+@@ -7,7 +7,7 @@ use warnings;
+ use constant DEBUG => !!$ENV{PERL_ENCODE_DEBUG};
+ our $VERSION;
+ BEGIN {
+-    $VERSION = sprintf "%d.%02d", q$Revision: 3.08 $ =~ /(\d+)/g;
+    $VERSION = sprintf "%d.%02d", q$Revision: 3.12 $ =~ /(\d+)/g;
+     require XSLoader;
+     XSLoader::load( __PACKAGE__, $VERSION );
+ }
+@@ -65,8 +65,8 @@ require Encode::Config;
+ eval {
+     local $SIG{__DIE__};
+     local $SIG{__WARN__};
+-    local @INC = @INC || ();
+-    pop @INC if $INC[-1] eq '.';
+    local @INC = @INC;
+    pop @INC if @INC && $INC[-1] eq '.';    
+     require Encode::ConfigLocal;
+ };
+ 
+diff --git a/cpan/Encode/Unicode/Unicode.xs b/cpan/Encode/Unicode/Unicode.xs
+index 4e111e2..18c783f 100644
+--- a/cpan/Encode/Unicode/Unicode.xs
+++ b/cpan/Encode/Unicode/Unicode.xs
+@@ -1,5 +1,5 @@
+ /*
+- $Id: Unicode.xs,v 2.19 2019/01/21 03:09:59 dankogai Exp $
+ $Id: Unicode.xs,v 2.20 2021/07/23 02:26:54 dankogai Exp $
+  */
+ 
+ #define IN_UNICODE_XS
+diff --git a/cpan/Encode/t/Unicode.t b/cpan/Encode/t/Unicode.t
+index 2cc5d54..9e2bcbe 100644
+--- a/cpan/Encode/t/Unicode.t
+++ b/cpan/Encode/t/Unicode.t
+@@ -1,5 +1,5 @@
+ #
+-# $Id: Unicode.t,v 2.3 2012/08/05 23:08:49 dankogai Exp $
+# $Id: Unicode.t,v 2.4 2021/07/23 02:26:54 dankogai Exp $
+ #
+ # This script is written entirely in ASCII, even though quoted literals
+ # do include non-BMP unicode characters -- Are you happy, jhi?
+-- 
+2.27.0
+
--- a/backport-CVE-2022-48522.patch
+++ b/backport-CVE-2022-48522.patch
@ -0,0 +1,78 @@
+From 43cbd598f60a85afcfc3de71e89e8a48330158f5 Mon Sep 17 00:00:00 2001
+From: Tony Cook <tony@develop-help.com>
+Date: Wed, 22 Sep 2021 11:47:55 +1000
+Subject: [PATCH] Don't try to Sv[PI]V() on an undef index SV in
+ find_uninit_var()
+
+When trying to evaluate:
+
+  $x{$y}
+
+or
+
+  $x[$y]
+
+where both the index and the hash or array entry was undefined,
+when trying to report the entry as uninitialised, find_uninit_var()
+would try to get the string or numeric value of the index,
+recursively trying to produce a warning.
+
+This would end up overflowing the stack, producing a segmentation fault.
+
+Fixes #19147.
+
+(cherry picked from commit 23cca2d1f4544cb47f1124d98c308ce1f31f09a6)
+Conflict:NA
+Reference:https://github.com/Perl/perl5/commit/43cbd598f60a85afcfc3de71e89e8a48330158f5
+---
+ sv.c              |  7 ++++---
+ t/lib/warnings/sv | 13 +++++++++++++
+ 2 files changed, 17 insertions(+), 3 deletions(-)
+
+diff --git a/sv.c b/sv.c
+index 27c425a54e6f..46bf9815cd15 100644
+--- a/sv.c
+++ b/sv.c
+@@ -16782,14 +16782,15 @@ S_find_uninit_var(pTHX_ const OP *const obase, const SV *const uninit_sv,
+                 }
+                 if (index_sv && !SvMAGICAL(index_sv) && !SvROK(index_sv)) {
+                     if (is_hv) {
+-                        HE *he = hv_fetch_ent(MUTABLE_HV(sv), index_sv, 0, 0);
+                        SV *report_index_sv = SvOK(index_sv) ? index_sv : &PL_sv_no;
+                        HE *he = hv_fetch_ent(MUTABLE_HV(sv), report_index_sv, 0, 0);
+                         if (!he) {
+                             return varname(agg_gv, '%', agg_targ,
+-                                           index_sv, 0, FUV_SUBSCRIPT_HASH);
+                                           report_index_sv, 0, FUV_SUBSCRIPT_HASH);
+                         }
+                     }
+                     else {
+-                        SSize_t index = SvIV(index_sv);
+                        SSize_t index = SvOK(index_sv) ? SvIV(index_sv) : 0;
+                         SV * const * const svp =
+                             av_fetch(MUTABLE_AV(sv), index, FALSE);
+                         if (!svp) {
+diff --git a/t/lib/warnings/sv b/t/lib/warnings/sv
+index be04b8457e3a..8524c2c25a1d 100644
+--- a/t/lib/warnings/sv
+++ b/t/lib/warnings/sv
+@@ -211,6 +211,19 @@ Use of uninitialized value $a in join or string at - line 4.
+ Use of uninitialized value $a in concatenation (.) or string at - line 5.
+ Use of uninitialized value $a in concatenation (.) or string at - line 6.
+ ########
+# NAME https://github.com/Perl/perl5/issues/19147
+use warnings 'uninitialized';
+my %x;
+my @z;
+my $y;
+-$x{$y};
+-$z[$y];
+EXPECT
+Use of uninitialized value $y in hash element at - line 5.
+Use of uninitialized value $x{""} in negation (-) at - line 5.
+Use of uninitialized value $y in array element at - line 6.
+Use of uninitialized value $z[0] in negation (-) at - line 6.
+########
+ # sv.c 
+ use warnings 'numeric' ;
+ sub TIESCALAR{bless[]} ; 
--- a/backport-CVE-2023-31484.patch
+++ b/backport-CVE-2023-31484.patch
@ -0,0 +1,25 @@
+From 9c98370287f4e709924aee7c58ef21c85289a7f0 Mon Sep 17 00:00:00 2001
+From: Stig Palmquist <git@stig.io>
+Date: Tue, 28 Feb 2023 11:54:06 +0100
+Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server
+ identity
+
+---
+ cpan/CPAN/lib/CPAN/HTTP/Client.pm | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+index 4fc792c..a616fee 100644
+--- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+++ b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+@@ -32,6 +32,7 @@ sub mirror {
+ 
+     my $want_proxy = $self->_want_proxy($uri);
+     my $http = HTTP::Tiny->new(
+        verify_SSL => 1,
+         $want_proxy ? (proxy => $self->{proxy}) : ()
+     );
+ 
+-- 
+2.33.0
+
--- a/backport-CVE-2023-31486.patch
+++ b/backport-CVE-2023-31486.patch
@ -0,0 +1,84 @@
+From 1490431e40e22052f75a0b3449f1f53cbd27ba92 Mon Sep 17 00:00:00 2001
+From: Dominic Hargreaves <dom@earth.li>
+Date: Thu, 21 May 2020 22:53:37 +0100
+Subject: [PATCH] Enable SSL by default in HTTP::Tiny
+
+HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN,
+has an insecure default TLS configuration where users must opt in to verify certificates.
+
+Reference: https://salsa.debian.org/perl-team/interpreter/perl/-/commit/1490431e40e22052f75a0b3449f1f53cbd27ba92.patch
+Conflict:NA
+---
+ cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 20 +++++++++-----------
+ 1 file changed, 9 insertions(+), 11 deletions(-)
+
+diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+index 5803e4599f01..5970b6e225f3 100644
+--- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm
+@@ -40,7 +40,7 @@ sub _croak { require Carp; Carp::croak(@_) }
+ #pod * C<timeout> — Request timeout in seconds (default is 60) If a socket open,
+ #pod   read or write takes longer than the timeout, an exception is thrown.
+ #pod * C<verify_SSL> — A boolean that indicates whether to validate the SSL
+-#pod   certificate of an C<https> — connection (default is false)
+#pod   certificate of an C<https> — connection (default is true)
+ #pod * C<SSL_options> — A hashref of C<SSL_*> — options to pass through to
+ #pod   L<IO::Socket::SSL>
+ #pod
+@@ -112,7 +112,7 @@ sub new {
+         max_redirect => 5,
+         timeout      => defined $args{timeout} ? $args{timeout} : 60,
+         keep_alive   => 1,
+-        verify_SSL   => $args{verify_SSL} || $args{verify_ssl} || 0, # no verification by default
+        verify_SSL   => $args{verify_SSL} // $args{verify_ssl} // 1, # verification by default
+         no_proxy     => $ENV{no_proxy},
+     };
+ 
+@@ -1038,7 +1038,7 @@ sub new {
+         timeout          => 60,
+         max_line_size    => 16384,
+         max_header_lines => 64,
+-        verify_SSL       => 0,
+        verify_SSL       => 1,
+         SSL_options      => {},
+         %args
+     }, $class;
+@@ -1765,7 +1765,7 @@ C<timeout> — Request timeout in seconds (default is 60) If a socket open, read
+ 
+ =item *
+ 
+-C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is false)
+C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is true)
+ 
+ =item *
+ 
+@@ -2035,7 +2035,7 @@ Verification of server identity
+ 
+ =back
+ 
+-B<By default, HTTP::Tiny does not verify server identity>.
+B<By default, HTTP::Tiny verifies server identity>.
+ 
+ Server identity verification is controversial and potentially tricky because it
+ depends on a (usually paid) third-party Certificate Authority (CA) trust model
+@@ -2043,16 +2043,14 @@ to validate a certificate as legitimate.  This discriminates against servers
+ with self-signed certificates or certificates signed by free, community-driven
+ CA's such as L<CAcert.org|http://cacert.org>.
+ 
+-By default, HTTP::Tiny does not make any assumptions about your trust model,
+-threat level or risk tolerance.  It just aims to give you an encrypted channel
+-when you need one.
+-
+ Setting the C<verify_SSL> attribute to a true value will make HTTP::Tiny verify
+ that an SSL connection has a valid SSL certificate corresponding to the host
+ name of the connection and that the SSL certificate has been verified by a CA.
+ Assuming you trust the CA, this will protect against a L<man-in-the-middle
+-attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>.  If you are
+-concerned about security, you should enable this option.
+attack|http://en.wikipedia.org/wiki/Man-in-the-middle_attack>.
+
+If you are not concerned about security, and this default causes
+problems, you should disable this option.
+ 
+ Certificate verification requires a file containing trusted CA certificates.
+ 
--- a/backport-CVE-2023-47039.patch
+++ b/backport-CVE-2023-47039.patch
@ -0,0 +1,196 @@
+From 906e92715f4ee68ea95086867f4f97b1f4f10ac3 Mon Sep 17 00:00:00 2001
+From: Tony Cook <tony@develop-help.com>
+Date: Tue, 3 Oct 2023 09:40:07 +1100
+Subject: [PATCH] win32: default the shell to cmd.exe in the Windows system
+ directory
+
+This prevents picking up cmd.exe from the current directory, or
+even from the PATH.
+
+This protects against a privilege escalation attack where an attacker
+in a separate session creates a cmd.exe in a directory where the
+target account happens to have its current directory.
+---
+ t/win32/system.t | 30 ++++++++++++--------
+ win32/win32.c    | 71 +++++++++++++++++++++++++++++++++++++++++-------
+ 2 files changed, 79 insertions(+), 22 deletions(-)
+
+diff --git a/t/win32/system.t b/t/win32/system.t
+index 939a02db55..c885059012 100644
+--- a/t/win32/system.t
+++ b/t/win32/system.t
+@@ -82,6 +82,7 @@ close $F;
+ chdir($testdir);
+ END {
+     chdir($cwd) && rmtree("$cwd/$testdir") if -d "$cwd/$testdir";
+    unlink "cmd.exe";
+ }
+ if (open(my $EIN, "$cwd/win32/${exename}_exe.uu")) {
+     note "Unpacking $exename.exe";
+@@ -104,21 +105,20 @@ else {
+      }
+     note "Compiling $exename.c";
+     note "$Config{cc} $Config{ccflags} $exename.c";
+-    if (system("$Config{cc} $Config{ccflags} $minus_o $exename.c >log 2>&1") != 0) {
+    if (system("$Config{cc} $Config{ccflags} $minus_o $exename.c >log 2>&1") != 0 ||
+        !-f "$exename.exe") {
+ 	note "Could not compile $exename.c, status $?";
+-    note "Where is your C compiler?";
+-    skip_all "can't build test executable";
+-    }
+-    unless (-f "$exename.exe") {
+-	if (open(LOG,'<log'))
+-         {
+-          while(<LOG>) {
+-              note $_;
+-          } 
+-         }
+        note "Where is your C compiler?";
+        if (open(LOG,'<log'))
+        {
+            while(<LOG>) {
+                note $_;
+            }
+        }
+         else {
+-	  warn "Cannot open log (in $testdir):$!";
+            warn "Cannot open log (in $testdir):$!";
+         }
+        skip_all "can't build test executable";
+     }
+ }
+ copy("$plxname.bat","$plxname.cmd");
+@@ -128,6 +128,12 @@ unless (-x "$testdir/$exename.exe") {
+     skip_all "can't build test executable";
+ }
+ 
+# test we only look for cmd.exe in the standard place
+delete $ENV{PERLSHELL};
+copy("$testdir/$exename.exe", "$testdir/cmd.exe") or die $!;
+copy("$testdir/$exename.exe", "cmd.exe") or die $!;
+$ENV{PATH} = qq("$testdir";$ENV{PATH});
+
+ open my $T, "$^X -I../lib -w win32/system_tests |"
+     or die "Can't spawn win32/system_tests: $!";
+ my $expect;
+diff --git a/win32/win32.c b/win32/win32.c
+index 94248ca168..5d54cf8d4a 100644
+--- a/win32/win32.c
+++ b/win32/win32.c
+@@ -117,7 +117,7 @@ static char*	win32_get_xlib(const char *pl,
+ 
+ static BOOL	has_shell_metachars(const char *ptr);
+ static long	tokenize(const char *str, char **dest, char ***destv);
+-static void	get_shell(void);
+static int	get_shell(void);
+ static char*	find_next_space(const char *s);
+ static int	do_spawn2(pTHX_ const char *cmd, int exectype);
+ static int	do_spawn2_handles(pTHX_ const char *cmd, int exectype,
+@@ -600,7 +600,13 @@ tokenize(const char *str, char **dest, char ***destv)
+     return items;
+ }
+ 
+-static void
+static const char
+cmd_opts[] = "/x/d/c";
+
+static const char
+shell_cmd[] = "cmd.exe";
+
+static int
+ get_shell(void)
+ {
+     dTHX;
+@@ -612,12 +618,53 @@ get_shell(void)
+          *     interactive use (which is what most programs look in COMSPEC
+          *     for).
+          */
+-        const char* defaultshell = "cmd.exe /x/d/c";
+-        const char *usershell = PerlEnv_getenv("PERL5SHELL");
+-        w32_perlshell_items = tokenize(usershell ? usershell : defaultshell,
+-                                       &w32_perlshell_tokens,
+-                                       &w32_perlshell_vec);
+        const char *shell = PerlEnv_getenv("PERL5SHELL");
+        if (shell) {
+            w32_perlshell_items = tokenize(shell,
+                                           &w32_perlshell_tokens,
+                                           &w32_perlshell_vec);
+        }
+        else {
+            /* tokenize does some Unix-ish like things like
+               \\ escaping that don't work well here
+            */
+            char shellbuf[MAX_PATH];
+            UINT len = GetSystemDirectoryA(shellbuf, sizeof(shellbuf));
+            if (len == 0) {
+                translate_to_errno();
+                return -1;
+            }
+            else if (len >= MAX_PATH) {
+                /* buffer too small */
+                errno = E2BIG;
+                return -1;
+            }
+            if (shellbuf[len-1] != '\\') {
+                my_strlcat(shellbuf, "\\", sizeof(shellbuf));
+                ++len;
+            }
+            if (len + sizeof(shell_cmd) > sizeof(shellbuf)) {
+                errno = E2BIG;
+                return -1;
+            }
+            my_strlcat(shellbuf, shell_cmd, sizeof(shellbuf));
+            len += sizeof(shell_cmd)-1;
+
+            Newx(w32_perlshell_vec, 3, char *);
+            Newx(w32_perlshell_tokens, len + 1 + sizeof(cmd_opts), char);
+
+            my_strlcpy(w32_perlshell_tokens, shellbuf, len+1);
+            my_strlcpy(w32_perlshell_tokens + len +1, cmd_opts,
+                       sizeof(cmd_opts));
+
+            w32_perlshell_vec[0] = w32_perlshell_tokens;
+            w32_perlshell_vec[1] = w32_perlshell_tokens + len + 1;
+            w32_perlshell_vec[2] = NULL;
+
+            w32_perlshell_items = 2;
+        }
+     }
+    return 0;
+ }
+ 
+ int
+@@ -635,7 +682,9 @@ Perl_do_aspawn(pTHX_ SV *really, SV **mark, SV **sp)
+     if (sp <= mark)
+         return -1;
+ 
+-    get_shell();
+    if (get_shell() < 0)
+        return -1;
+
+     Newx(argv, (sp - mark) + w32_perlshell_items + 2, char*);
+ 
+     if (SvNIOKp(*(mark+1)) && !SvPOKp(*(mark+1))) {
+@@ -765,7 +814,8 @@ do_spawn2_handles(pTHX_ const char *cmd, int exectype, const int *handles)
+     if (needToTry) {
+         char **argv;
+         int i = -1;
+-        get_shell();
+        if (get_shell() < 0)
+            return -1;
+         Newx(argv, w32_perlshell_items + 2, char*);
+         while (++i < w32_perlshell_items)
+             argv[i] = w32_perlshell_vec[i];
+@@ -3482,7 +3532,8 @@ win32_pipe(int *pfd, unsigned int size, int mode)
+ DllExport PerlIO*
+ win32_popenlist(const char *mode, IV narg, SV **args)
+ {
+-    get_shell();
+    if (get_shell() < 0)
+        return NULL;
+ 
+     return do_popen(mode, NULL, narg, args);
+ }
+-- 
+2.33.0
+
--- a/backport-CVE-2023-47100-CVE-2023-47038.patch
+++ b/backport-CVE-2023-47100-CVE-2023-47038.patch
@ -0,0 +1,124 @@
+From 12c313ce49b36160a7ca2e9b07ad5bd92ee4a010 Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Sat, 9 Sep 2023 11:59:09 -0600
+Subject: [PATCH] Fix read/write past buffer end: perl-security#140
+
+A package name may be specified in a \p{...} regular expression
+construct.  If unspecified, "utf8::" is assumed, which is the package
+all official Unicode properties are in.  By specifying a different
+package, one can create a user-defined property with the same
+unqualified name as a Unicode one.  Such a property is defined by a sub 
+whose name begins with "Is" or "In", and if the sub wishes to refer to
+an official Unicode property, it must explicitly specify the "utf8::".
+S_parse_uniprop_string() is used to parse the interior of both \p{} and 
+the user-defined sub lines.
+
+In S_parse_uniprop_string(), it parses the input "name" parameter,
+creating a modified copy, "lookup_name", malloc'ed with the same size as
+"name".  The modifications are essentially to create a canonicalized
+version of the input, with such things as extraneous white-space
+stripped off.  I found it convenient to strip off the package specifier
+"utf8::".  To to so, the code simply pretends "lookup_name" begins just
+after the "utf8::", and adjusts various other values to compensate.
+However, it missed the adjustment of one required one.
+
+This is only a problem when the property name begins with "perl" and 
+isn't "perlspace" nor "perlword".  All such ones are undocumented
+internal properties.
+
+What happens in this case is that the input is reparsed with slightly
+different rules in effect as to what is legal versus illegal.  The 
+problem is that "lookup_name" no longer is pointing to its initial
+value, but "name" is.  Thus the space allocated for filling "lookup_name"
+is now shorter than "name", and as this shortened "lookup_name" is
+filled by copying suitable portions of "name", the write can be to
+unallocated space.
+
+The solution is to skip the "utf8::" when reparsing "name".  Then both
+"lookup_name" and "name" are effectively shortened by the same amount,
+and there is no going off the end.
+
+This commit also does white-space adjustment so that things align
+vertically for readability.
+
+This can be easily backported to earlier Perl releases.
+
+Reference:https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010
+Conflict:Context adaptation
+
+---
+ regcomp.c           | 17 +++++++++++------
+ t/re/pat_advanced.t |  8 ++++++++
+ 2 files changed, 19 insertions(+), 6 deletions(-)
+
+diff --git a/regcomp.c b/regcomp.c
+index f5e5f58..0d3e9a9 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -23815,7 +23815,7 @@ S_parse_uniprop_string(pTHX_
+      * compile perl to know about them) */
+     bool is_nv_type = FALSE;
+ 
+-    unsigned int i, j = 0;
+    unsigned int i = 0, i_zero = 0, j = 0;
+     int equals_pos = -1;    /* Where the '=' is found, or negative if none */
+     int slash_pos  = -1;    /* Where the '/' is found, or negative if none */
+     int table_index = 0;    /* The entry number for this property in the table
+@@ -23949,9 +23949,13 @@ S_parse_uniprop_string(pTHX_
+      * all of them are considered to be for that package.  For the purposes of
+      * parsing the rest of the property, strip it off */
+     if (non_pkg_begin == STRLENs("utf8::") && memBEGINPs(name, name_len, "utf8::")) {
+-        lookup_name +=  STRLENs("utf8::");
+-        j -=  STRLENs("utf8::");
+-        equals_pos -=  STRLENs("utf8::");
+        lookup_name += STRLENs("utf8::");
+        j           -= STRLENs("utf8::");
+        equals_pos  -= STRLENs("utf8::");
+        i_zero       = STRLENs("utf8::");   /* When resetting 'i' to reparse
+                                               from the beginning, it has to be
+                                               set past what we're stripping
+                                               off */
+         stripped_utf8_pkg = TRUE;
+     }
+ 
+@@ -24356,7 +24360,8 @@ S_parse_uniprop_string(pTHX_
+ 
+             /* We set the inputs back to 0 and the code below will reparse,
+              * using strict */
+-            i = j = 0;
+            i = i_zero;
+            j = 0;
+         }
+     }
+ 
+@@ -24377,7 +24382,7 @@ S_parse_uniprop_string(pTHX_
+          * separates two digits */
+         if (cur == '_') {
+             if (    stricter
+-                && (     i == 0 || (int) i == equals_pos || i == name_len- 1
+                && (   i == i_zero || (int) i == equals_pos || i == name_len- 1
+                     || ! isDIGIT_A(name[i-1]) || ! isDIGIT_A(name[i+1])))
+             {
+                 lookup_name[j++] = '_';
+diff --git a/t/re/pat_advanced.t b/t/re/pat_advanced.t
+index d679870..3b79eec 100644
+--- a/t/re/pat_advanced.t
+++ b/t/re/pat_advanced.t
+@@ -2565,6 +2565,14 @@ EOF
+                        {}, "GH #17278");
+     }
+ 
+    {   # perl-security#140, read/write past buffer end
+        fresh_perl_like('qr/\p{utf8::perl x}/',
+                        qr/Illegal user-defined property name "utf8::perl x" in regex/,
+                        {}, "perl-security#140");
+        fresh_perl_is('qr/\p{utf8::_perl_surrogate}/', "",
+                        {}, "perl-security#140");
+    }
+
+ 
+     # !!! NOTE that tests that aren't at all likely to crash perl should go
+     # a ways above, above these last ones.  There's a comment there that, like
+-- 
+2.33.0
+
--- a/change-lib-to-lib64.patch
+++ b/change-lib-to-lib64.patch
@ -8,10 +8,10 @@ Subject: [PATCH] change lib to lib64
 1 file changed, 8 insertions(+), 8 deletions(-)

 diff --git a/Configure b/Configure
-index 3be9f05..1c53af7 100755
+index cc74bdc..0e7441d 100755
 --- a/Configure
 +++ b/Configure
-@@ -7269,8 +7269,8 @@ esac'
+@@ -7229,8 +7229,8 @@ esac'
 : Reproduce behavior of 5.005 and earlier, maybe drop that in 5.7.
 case "$installstyle" in
 '')	case "$prefix" in
@ -22,7 +22,7 @@ index 3be9f05..1c53af7 100755
 	esac
 	;;
 *)	dflt="$installstyle" ;;
-@@ -7336,8 +7336,8 @@ esac
+@@ -7296,8 +7296,8 @@ esac
 : /opt/perl/lib/perl5... would be redundant.
 : The default "style" setting is made in installstyle.U
 case "$installstyle" in
@ -33,7 +33,7 @@ index 3be9f05..1c53af7 100755
 esac
 eval $prefixit
 $cat <<EOM
-@@ -7584,8 +7584,8 @@ siteprefixexp="$ansexp"
+@@ -7544,8 +7544,8 @@ siteprefixexp="$ansexp"
 prog=`echo $package | $sed 's/-*[0-9.]*$//'`
 case "$sitelib" in
 '') case "$installstyle" in
@ -44,7 +44,7 @@ index 3be9f05..1c53af7 100755
 	esac
 	;;
 *)	dflt="$sitelib"
-@@ -8001,8 +8001,8 @@ case "$vendorprefix" in
+@@ -7963,8 +7963,8 @@ case "$vendorprefix" in
 	'')
 		prog=`echo $package | $sed 's/-*[0-9.]*$//'`
 		case "$installstyle" in
@ -56,5 +56,5 @@ index 3be9f05..1c53af7 100755
 		;;
 	*)	dflt="$vendorlib"
 -- 
-1.8.3.1
+2.27.0

--- a/disable-rpath-by-default.patch
+++ b/disable-rpath-by-default.patch
@ -8,10 +8,10 @@ Subject: [PATCH] disable rpath by default
 1 file changed, 3 deletions(-)

 diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index fe53be1..fd0f5b5 100644
+index 977b50e..ac5cdb5 100644
 --- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
 +++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-@@ -1045,9 +1045,6 @@ sub xs_make_dynamic_lib {
+@@ -1077,9 +1077,6 @@ sub xs_make_dynamic_lib {
     }
 
     my $ld_run_path_shell = "";
@ -22,5 +22,5 @@ index fe53be1..fd0f5b5 100644
     push @m, sprintf <<'MAKE', $ld_run_path_shell, $ldrun, $dlsyms_arg, $ldfrom, $self->xs_obj_opt('$@'), $libs, $exportlist;
 	%s$(LD) %s $(LDDLFLAGS) %s %s $(OTHERLDFLAGS) %s $(MYEXTLIB) \
 -- 
-1.8.3.1
+2.27.0

--- a/perl-5.16.3-create_libperl_soname.patch
+++ b/perl-5.16.3-create_libperl_soname.patch
--- a/backport-perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch
+++ b/backport-perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch
@ -6,10 +6,6 @@ MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit

-Reason:Install libperl.so to shrpdir on Linux
-Conflict:NA
-Reference:https://src.fedoraproject.org/rpms/perl/blob/master/f/perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch
-
 Signed-off-by: Petr Písař <ppisar@redhat.com>
 ---
 Configure   | 7 ++++---
--- a/perl-5.22.1-Provide-ExtUtils-MM-methods-as-standalone-ExtUtils-M.patch
+++ b/perl-5.22.1-Provide-ExtUtils-MM-methods-as-standalone-ExtUtils-M.patch
@ -0,0 +1,110 @@
+From 9575301256f67116eccdbb99b38fc804ba3dcf53 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Mon, 18 Apr 2016 16:24:03 +0200
+Subject: [PATCH] Provide ExtUtils::MM methods as standalone
+ ExtUtils::MM::Utils
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If you cannot afford depending on ExtUtils::MakeMaker, you can
+depend on ExtUtils::MM::Utils instead.
+
+<https://bugzilla.redhat.com/show_bug.cgi?id=1129443>
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ MANIFEST                                         |  1 +
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm | 68 ++++++++++++++++++++++++
+ 2 files changed, 69 insertions(+)
+ create mode 100644 cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm
+
+diff --git a/MANIFEST b/MANIFEST
+index 6af238c..d4f0c56 100644
+--- a/MANIFEST
+++ b/MANIFEST
+@@ -784,6 +784,7 @@ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_OS390.pm
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_OS390.pm
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_QNX.pm			MakeMaker methods for QNX
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm			MakeMaker methods for Unix
+cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm		Independed MM methods
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_UWIN.pm			MakeMaker methods for U/WIN
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VMS.pm			MakeMaker methods for VMS
+ cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VOS.pm			MakeMaker methods for VOS
+diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm
+new file mode 100644
+index 0000000..6bbc0d8
+--- /dev/null
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM/Utils.pm
+@@ -0,0 +1,68 @@
+package ExtUtils::MM::Utils;
+
+require 5.006;
+
+use strict;
+use vars qw($VERSION);
+$VERSION = '7.11_06';
+$VERSION = eval $VERSION;  ## no critic [BuiltinFunctions::ProhibitStringyEval]
+
+=head1 NAME
+
+ExtUtils::MM::Utils - ExtUtils::MM methods without dependency on ExtUtils::MakeMaker
+
+=head1 SYNOPSIS
+
+    require ExtUtils::MM::Utils;
+    MM->maybe_command($file);
+
+=head1 DESCRIPTION
+
+This is a collection of L<ExtUtils::MM> subroutines that are used by many
+other modules but that do not need full-featured L<ExtUtils::MakeMaker>. The
+issue with L<ExtUtils::MakeMaker> is it pulls in Perl header files and that is
+an overkill for small subroutines.
+
+An example is the L<IPC::Cmd> that caused installing GCC just because of
+three-line I<maybe_command()> from L<ExtUtils::MM_Unix>.
+
+The intentions is to use L<ExtUtils::MM::Utils> instead of
+L<ExtUtils::MakeMaker> for these trivial methods. You can still call them via
+L<MM> class name.
+
+=head1 METHODS
+
+=over 4
+
+=item maybe_command
+
+Returns true, if the argument is likely to be a command.
+
+=cut
+
+if (!exists $INC{'ExtUtils/MM.pm'}) {
+    *MM::maybe_command = *ExtUtils::MM::maybe_command = \&maybe_command;
+}
+
+sub maybe_command {
+    my($self,$file) = @_;
+    return $file if -x $file && ! -d $file;
+    return;
+}
+
+1;
+
+=back
+
+=head1 BUGS
+
+These methods are copied from L<ExtUtils::MM_Unix>. Other operating systems
+are not supported yet. The reason is this
+L<a hack for Linux
+distributions|https://bugzilla.redhat.com/show_bug.cgi?id=1129443>.
+
+=head1 SEE ALSO
+
+L<ExtUtils::MakeMaker>, L<ExtUtils::MM>
+
+=cut
+-- 
+2.5.5
+
--- a/perl-5.34.0-Destroy-GDBM-NDBM-ODBM-SDBM-_File-objects-only-from-.patch
+++ b/perl-5.34.0-Destroy-GDBM-NDBM-ODBM-SDBM-_File-objects-only-from-.patch
@ -1,11 +1,7 @@
-From f793042f2bac2ace9a5c0030b47b41c4db561a5b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Fri, 6 Jun 2014 14:31:59 +0200
+From 8067179e65a28d91f00df7d36778229a07514471 Mon Sep 17 00:00:00 2001
+From: Jitka Plesnikova <jplesnik@redhat.com>
+Date: Thu, 29 Apr 2021 12:21:18 +0200
 Subject: [PATCH] Destroy {GDBM,NDBM,ODBM,SDBM}_File objects only from original
- thread context
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit

 This patch fixes a crash when destroing a hash tied to a *_File
 database after spawning a thread:
@ -20,17 +16,17 @@ This crashed or paniced depending on how perl was configured.

 Closes RT#61912.

-Signed-off-by: Petr Písař <ppisar@redhat.com>
+Updated original ppisar's patch for perl 5.18.2
 ---
- ext/GDBM_File/GDBM_File.xs | 16 ++++++++++------
+ ext/GDBM_File/GDBM_File.xs | 20 ++++++++++++--------
 ext/NDBM_File/NDBM_File.xs | 16 ++++++++++------
 ext/ODBM_File/ODBM_File.xs | 18 +++++++++++-------
 ext/SDBM_File/SDBM_File.xs |  4 +++-
 t/lib/dbmt_common.pl       | 35 +++++++++++++++++++++++++++++++++++
- 5 files changed, 69 insertions(+), 20 deletions(-)
+ 5 files changed, 71 insertions(+), 22 deletions(-)

 diff --git a/ext/GDBM_File/GDBM_File.xs b/ext/GDBM_File/GDBM_File.xs
-index 33e08e2..7160f54 100644
+index cd0bb6f..0c395ac 100644
 --- a/ext/GDBM_File/GDBM_File.xs
 +++ b/ext/GDBM_File/GDBM_File.xs
@@ -13,6 +13,7 @@
@ -41,7 +37,7 @@ index 33e08e2..7160f54 100644
 	GDBM_FILE 	dbp ;
 	SV *    filter[4];
 	int     filtering ;
-@@ -98,6 +99,7 @@ gdbm_TIEHASH(dbtype, name, read_write, m
+@@ -276,6 +277,7 @@ gdbm_TIEHASH(dbtype, name, read_write, mode)
 	}
 	if (dbp) {
 	    RETVAL = (GDBM_File)safecalloc(1, sizeof(GDBM_File_type));
@ -49,29 +45,34 @@ index 33e08e2..7160f54 100644
 	    RETVAL->dbp = dbp;
 	} else {
 	    RETVAL = NULL;
-@@ -118,12 +120,14 @@ gdbm_DESTROY(db)
+@@ -289,15 +291,17 @@ gdbm_DESTROY(db)
 	PREINIT:
 	int i = store_value;
- 	CODE:
-	gdbm_close(db);
+     CODE:
+-        if (gdbm_file_close(db)) {
+-            croak("gdbm_close: %s; %s", gdbm_strerror(gdbm_errno),
+-                  strerror(errno));
+        if (db && db->owner == aTHX) {
+            if (gdbm_file_close(db)) {
+                croak("gdbm_close: %s; %s", gdbm_strerror(gdbm_errno),
+                      strerror(errno));
+	    }
+	    do {
+	        if (db->filter[i])
+		    SvREFCNT_dec(db->filter[i]);
+	    } while (i-- > 0);
+	    safefree(db);
+ 	}
 -	do {
 -	    if (db->filter[i])
 -		SvREFCNT_dec(db->filter[i]);
 -	} while (i-- > 0);
 -	safefree(db);
-+	if (db && db->owner == aTHX) {
-+	    gdbm_close(db);
-+	    do {
-+		if (db->filter[i])
-+		    SvREFCNT_dec(db->filter[i]);
-+	    } while (i-- > 0);
-+	    safefree(db);
-+	}
 
- #define gdbm_FETCH(db,key)			gdbm_fetch(db->dbp,key)
- datum_value
+ void
+ gdbm_UNTIE(db, count)
 diff --git a/ext/NDBM_File/NDBM_File.xs b/ext/NDBM_File/NDBM_File.xs
-index 52e60fc..af223e5 100644
+index eed671a..651fe0f 100644
 --- a/ext/NDBM_File/NDBM_File.xs
 +++ b/ext/NDBM_File/NDBM_File.xs
@@ -33,6 +33,7 @@ END_EXTERN_C
@ -103,7 +104,7 @@ index 52e60fc..af223e5 100644
 +	if (db && db->owner == aTHX) {
 +	    dbm_close(db->dbp);
 +	    do {
-+		if (db->filter[i])
+	        if (db->filter[i])
 +		    SvREFCNT_dec(db->filter[i]);
 +	    } while (i-- > 0);
 +	    safefree(db);
@ -112,7 +113,7 @@ index 52e60fc..af223e5 100644
 #define ndbm_FETCH(db,key)			dbm_fetch(db->dbp,key)
 datum_value
 diff --git a/ext/ODBM_File/ODBM_File.xs b/ext/ODBM_File/ODBM_File.xs
-index d1ece7f..f7e00a0 100644
+index 38e6dbf..4b15a42 100644
 --- a/ext/ODBM_File/ODBM_File.xs
 +++ b/ext/ODBM_File/ODBM_File.xs
@@ -49,6 +49,7 @@ datum	nextkey(datum key);
@ -146,7 +147,7 @@ index d1ece7f..f7e00a0 100644
 +	    dbmrefcnt--;
 +	    dbmclose();
 +	    do {
-+		if (db->filter[i])
+	        if (db->filter[i])
 +		    SvREFCNT_dec(db->filter[i]);
 +	    } while (i-- > 0);
 +	    safefree(db);
@ -155,7 +156,7 @@ index d1ece7f..f7e00a0 100644
 datum_value
 odbm_FETCH(db, key)
 diff --git a/ext/SDBM_File/SDBM_File.xs b/ext/SDBM_File/SDBM_File.xs
-index 291e41b..0bdae9a 100644
+index 0df2855..0e2bd58 100644
 --- a/ext/SDBM_File/SDBM_File.xs
 +++ b/ext/SDBM_File/SDBM_File.xs
@@ -10,6 +10,7 @@
@ -166,7 +167,7 @@ index 291e41b..0bdae9a 100644
 	DBM * 	dbp ;
 	SV *    filter[4];
 	int     filtering ;
-@@ -51,6 +52,7 @@ sdbm_TIEHASH(dbtype, filename, flags, mode)
+@@ -51,6 +52,7 @@ sdbm_TIEHASH(dbtype, filename, flags, mode, pagname=NULL)
 	    }
 	    if (dbp) {
 	        RETVAL = (SDBM_File)safecalloc(1, sizeof(SDBM_File_type));
@ -184,7 +185,7 @@ index 291e41b..0bdae9a 100644
 	    sdbm_close(db->dbp);
 	    do {
 diff --git a/t/lib/dbmt_common.pl b/t/lib/dbmt_common.pl
-index 5d4098c..a0a4d52 100644
+index 60c66ae..a7f81fe 100644
 --- a/t/lib/dbmt_common.pl
 +++ b/t/lib/dbmt_common.pl
@@ -510,5 +510,40 @@ unlink <Op_dbmx*>, $Dfile;
@ -229,5 +230,5 @@ index 5d4098c..a0a4d52 100644
 done_testing();
 1;
 -- 
-1.9.3
+2.26.3

--- a/perl-5.34.0-Link-XS-modules-to-libperl.so-with-EU-MM-on-Linux.patch
+++ b/perl-5.34.0-Link-XS-modules-to-libperl.so-with-EU-MM-on-Linux.patch
@ -0,0 +1,73 @@
+diff -aurpN a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm	2023-09-08 16:58:12.482566546 +0800
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm	2023-09-08 17:02:56.171807359 +0800
+@@ -31,6 +31,7 @@ BEGIN {
+     $Is{IRIX}    = $^O eq 'irix';
+     $Is{NetBSD}  = $^O eq 'netbsd';
+     $Is{Interix} = $^O eq 'interix';
+    $Is{Linux}   = $^O eq 'linux';
+     $Is{SunOS4}  = $^O eq 'sunos';
+     $Is{Solaris} = $^O eq 'solaris';
+     $Is{SunOS}   = $Is{SunOS4} || $Is{Solaris};
+@@ -1060,7 +1061,7 @@ sub xs_make_dynamic_lib {
+     push(@m,"	\$(RM_F) \$\@\n");
+ 
+     my $libs = '$(LDLOADLIBS)';
+-    if (($Is{NetBSD} || $Is{Interix} || $Is{Android}) && $Config{'useshrplib'} eq 'true') {
+    if (($Is{Linux} || $Is{NetBSD} || $Is{Interix} || $Is{Android}) && $Config{'useshrplib'} eq 'true') {
+         # Use nothing on static perl platforms, and to the flags needed
+         # to link against the shared libperl library on shared perl
+         # platforms.  We peek at lddlflags to see if we need -Wl,-R
+@@ -1073,6 +1074,11 @@ sub xs_make_dynamic_lib {
+             # The Android linker will not recognize symbols from
+             # libperl unless the module explicitly depends on it.
+             $libs .= ' "-L$(PERL_INC)" -lperl';
+        } else {
+            if ($ENV{PERL_CORE}) {
+                $libs .= ' "-L$(PERL_INC)"';
+            }
+            $libs .= ' -lperl';
+         }
+     }
+ 
+diff -aurpN a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/linux.pm b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/linux.pm
+--- a/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/linux.pm	1970-01-01 08:00:00.000000000 +0800
+++ b/dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/linux.pm	2023-09-08 17:09:16.773017629 +0800
+@@ -0,0 +1,26 @@
+package ExtUtils::CBuilder::Platform::linux;
+
+use strict;
+use ExtUtils::CBuilder::Platform::Unix;
+use File::Spec;
+
+use vars qw($VERSION @ISA);
+$VERSION = '0.280236';
+our @ISA = qw(ExtUtils::CBuilder::Platform::Unix);
+
+sub link {
+  my ($self, %args) = @_;
+  my $cf = $self->{config};
+
+  # Link XS modules to libperl.so explicitly because multiple
+  # dlopen(, RTLD_LOCAL) hides libperl symbols from XS module.
+  local $cf->{lddlflags} = $cf->{lddlflags};
+  if ($ENV{PERL_CORE}) {
+    $cf->{lddlflags} .= ' -L' . $self->perl_inc();
+  }
+  $cf->{lddlflags} .= ' -lperl';
+
+  return $self->SUPER::link(%args);
+}
+
+1;
+diff -aurpN a/MANIFEST b/MANIFEST
+--- a/MANIFEST	2023-09-08 16:59:28.747862538 +0800
+++ b/MANIFEST	2023-09-08 17:00:43.036559444 +0800
+@@ -3535,6 +3535,7 @@ dist/ExtUtils-CBuilder/lib/ExtUtils/CBui
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/cygwin.pm	CBuilder methods for cygwin
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/darwin.pm	CBuilder methods for darwin
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/dec_osf.pm	CBuilder methods for OSF
+dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/linux.pm	CBuilder methods for Linux
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/os2.pm	CBuilder methods for OS/2
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/Unix.pm	CBuilder methods for Unix
+ dist/ExtUtils-CBuilder/lib/ExtUtils/CBuilder/Platform/VMS.pm	CBuilder methods for VMS
--- a/perl-5.34.0.tar.xz
+++ b/perl-5.34.0.tar.xz
--- a/perl-5.35.1-Fix-GDBM_File-to-compile-with-version-1.20-and-earli.patch
+++ b/perl-5.35.1-Fix-GDBM_File-to-compile-with-version-1.20-and-earli.patch
@ -0,0 +1,40 @@
+From aacd2398e766500cb5d83c4d76b642fcf31d997a Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 23 Jun 2021 10:26:50 +0300
+Subject: [PATCH 1/3] Fix GDBM_File to compile with version 1.20 and earlier
+
+* ext/GDBM_File/GDBM_File.xs (ITEM_NOT_FOUND): Define conditionally,
+depending on the GDBM_VERSION_MAJOR and GDBM_VERSION_MINOR.
+Don't assume GDBM_ITEM_NOT_FOUND is a define (it isn't since
+gdbm commit d3e27957).
+---
+ ext/GDBM_File/GDBM_File.xs | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/ext/GDBM_File/GDBM_File.xs b/ext/GDBM_File/GDBM_File.xs
+index cd0bb6f26f..494c2889ca 100644
+--- a/ext/GDBM_File/GDBM_File.xs
+++ b/ext/GDBM_File/GDBM_File.xs
+@@ -145,14 +145,13 @@ output_datum(pTHX_ SV *arg, char *str, int size)
+ #define gdbm_setopt(db,optflag,optval,optlen) not_here("gdbm_setopt")
+ #endif
+ 
+-#ifndef GDBM_ITEM_NOT_FOUND
+-# define GDBM_ITEM_NOT_FOUND GDBM_NO_ERROR
+-#endif
+-
+#if GDBM_VERSION_MAJOR == 1 && GDBM_VERSION_MINOR < 13        
+ /* Prior to 1.13, gdbm_fetch family functions set gdbm_errno to GDBM_NO_ERROR
+    if the requested key did not exist */
+-#define ITEM_NOT_FOUND()                                                \
+-    (gdbm_errno == GDBM_ITEM_NOT_FOUND || gdbm_errno == GDBM_NO_ERROR)
+# define ITEM_NOT_FOUND()  (gdbm_errno == GDBM_NO_ERROR)
+#else
+# define ITEM_NOT_FOUND()  (gdbm_errno == GDBM_ITEM_NOT_FOUND)
+#endif
+ 
+ #define CHECKDB(db) do {                        \
+     if (!db->dbp) {                             \
+-- 
+2.31.1
+
--- a/perl-5.35.1-Raise-version-number-in-ext-GDBM_File-GDBM_File.pm.patch
+++ b/perl-5.35.1-Raise-version-number-in-ext-GDBM_File-GDBM_File.pm.patch
@ -0,0 +1,25 @@
+From ea57297a58b8f10ab885c19eec48ea076116cc1f Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 23 Jun 2021 14:24:47 +0300
+Subject: [PATCH 2/3] Raise version number in ext/GDBM_File/GDBM_File.pm
+
+---
+ ext/GDBM_File/GDBM_File.pm | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/GDBM_File/GDBM_File.pm b/ext/GDBM_File/GDBM_File.pm
+index d837536f80..cb08d091b8 100644
+--- a/ext/GDBM_File/GDBM_File.pm
+++ b/ext/GDBM_File/GDBM_File.pm
+@@ -363,7 +363,7 @@ require XSLoader;
+ );
+ 
+ # This module isn't dual life, so no need for dev version numbers.
+-$VERSION = '1.19';
+$VERSION = '1.20';
+ 
+ XSLoader::load();
+ 
+-- 
+2.31.1
+
--- a/perl.spec
+++ b/perl.spec
@ -14,30 +14,37 @@
 #provides module without verion, no need to provide
 %global __provides_exclude %{?__provides_exclude:%__provides_exclude|}^perl\\((charnames|DynaLoader|DB)\\)$

-%global perl_version 5.32.0
+%global perl_version 5.34.0

-%global perl_compat perl(:MODULE_COMPAT_5.32.0)
+%global perl_compat perl(:MODULE_COMPAT_5.34.0)

 Name:           perl
 License:        (GPL+ or Artistic) and (GPLv2+ or Artistic) and MIT and UCD and Public Domain and BSD
 Epoch:          4
 Version:        %{perl_version}
-Release:        8
+Release:        13
 Summary:        A highly capable, feature-rich programming language
 Url:            https://www.perl.org/
 Source0:        https://www.cpan.org/src/5.0/%{name}-%{version}.tar.xz

-# PATCH-FEATURE-OPENEULER
-Patch1:         change-lib-to-lib64.patch
-# PATCH-FEATURE-OPENEULER
-Patch2:         disable-rpath-by-default.patch
-# PATCH-FIX-OPENEULER
-Patch3:         create-libperl-soname.patch
-# PATCH-FIX-OPENEULER--rh#1107543, RT#61912
-Patch4:         perl-5.18.2-Destroy-GDBM-NDBM-ODBM-SDBM-_File-objects-only-from-.patch
-Patch5:		backport-perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch
+Patch1: perl-5.22.1-Provide-ExtUtils-MM-methods-as-standalone-ExtUtils-M.patch
+Patch2: perl-5.16.3-create_libperl_soname.patch
+Patch3: perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch
+Patch4: perl-5.34.0-Destroy-GDBM-NDBM-ODBM-SDBM-_File-objects-only-from-.patch
+Patch5: perl-5.35.1-Fix-GDBM_File-to-compile-with-version-1.20-and-earli.patch
+Patch6: perl-5.35.1-Raise-version-number-in-ext-GDBM_File-GDBM_File.pm.patch
+Patch7: change-lib-to-lib64.patch
+Patch8: disable-rpath-by-default.patch
+Patch9: perl-5.34.0-Link-XS-modules-to-libperl.so-with-EU-MM-on-Linux.patch

-BuildRequires:  gcc bash findutils coreutils make tar procps bzip2-devel gdbm-devel
+Patch6000: backport-CVE-2021-36770.patch
+Patch6001: backport-CVE-2023-31484.patch
+Patch6002: backport-CVE-2023-31486.patch
+Patch6003: backport-CVE-2022-48522.patch
+Patch6004: backport-CVE-2023-47100-CVE-2023-47038.patch
+Patch6005: backport-CVE-2023-47039.patch
+
+BuildRequires:  gcc bash findutils coreutils make tar procps bzip2-devel gdbm-devel perl-File-Compare perl-File-Find 
 BuildRequires:  zlib-devel systemtap-sdt-devel perl-interpreter perl-generators

 Requires:       perl-libs = %{epoch}:%{version}-%{release}
@ -63,11 +70,11 @@ Requires:       perl-Module-Metadata perl-Sys-Syslog perl-PerlIO-via-QuotedPrint
 Provides:       perl-Attribute-Handlers perl-interpreter perl(bytes_heavy.pl) perl(dumpvar.pl) perl(perl5db.pl)
 Provides:       perl-ExtUtils-Embed perl-ExtUtils-Miniperl perl-IO perl-IO-Zlib perl-Locale-Maketext-Simple perl-Math-Complex
 Provides:       perl-Module-Loaded perl-Net-Ping perl-Pod-Html perl-SelfLoader perl-Test perl-Time-Piece perl-libnetcfg perl-open perl-utils
-Provides:       perl-Errno perl-Memoize
+Provides:       perl-Errno perl-Memoize perl-File-Compare perl-File-Find

 Obsoletes:      perl-Attribute-Handlers perl-interpreter perl-Errno perl-ExtUtils-Embed perl-Net-Ping
 Obsoletes:      perl-ExtUtils-Miniperl perl-IO perl-IO-Zlib perl-Locale-Maketext-Simple perl-Math-Complex perl-Memoize perl-Module-Loaded
-Obsoletes:      perl-Pod-Html perl-SelfLoader perl-Test perl-Time-Piece perl-libnetcfg perl-open perl-utils
+Obsoletes:      perl-Pod-Html perl-SelfLoader perl-Test perl-Time-Piece perl-libnetcfg perl-open perl-utils perl-File-Compare perl-File-Find


 %description
@ -78,9 +85,8 @@ prototyping and large scale development projects.
 %package libs
 Summary:        The libraries for the perl
 License:        (GPL+ or Artistic) and HSRL and MIT and UCD
-Provides:       perl(:MODULE_COMPAT_5.28.0) perl(:VERSION) = 5.28.0
 Provides:       %perl_compat
-Provides:       perl(:VERSION) = %{perl_version} libperl.so.5.28()(64bit)
+Provides:       perl(:VERSION) = %{perl_version}
 Provides:       perl(:WITH_64BIT) perl(:WITH_ITHREADS) perl(:WITH_THREADS)
 Provides:       perl(:WITH_LARGEFILES) perl(:WITH_PERLIO) perl(unicore::Name)
 Provides:       perl(utf8_heavy.pl)
@ -94,7 +100,8 @@ Summary:        Development files for %{name}
 License:        (GPL+ or Artistic) and UCD

 Requires:       perl = %{epoch}:%{version}-%{release} system-rpm-config systemtap-sdt-devel
-Requires:       perl(ExtUtils::ParseXS) perl(:MODULE_COMPAT_5.28.0) perl(Devel::PPPort)
+Requires:       perl(ExtUtils::ParseXS) perl(Devel::PPPort)
+Requires:       %perl_compat

 Provides:       perl-Devel-Peek perl-Devel-SelfStubber perl-tests

@ -405,6 +412,9 @@ make test_harness
 %exclude %{perl_datadir}/{integer.pm,strict.pm,unicore,utf8.pm}
 %exclude %{perl_datadir}/{utf8_heavy.pl,warnings.pm,XSLoader.pm}
 %exclude %dir %{perl_vendor_datadir}
+%dir %{perl_datadir}/File
+%{perl_datadir}/File/Compare.pm
+%{perl_datadir}/File/Find.pm

 %license Artistic Copying
 %doc AUTHORS
@ -483,6 +493,66 @@ make test_harness
 %{_mandir}/man3/*

 %changelog
+* Mon Dec 11 2023 huyubiao <huyubiao@huawei.com> - 4:5.34.0-13
+- Fix CVE-2023-47100
+
+* Fri Dec 8 2023 hongjinghao <hongjinghao@huawei.com> - 4:5.34.0-12
+- Fix CVE-2023-47039
+
+* Mon Nov 27 2023 hongjinghao <hongjinghao@huawei.com> - 4:5.34.0-11
+- Fix CVE-2023-47038
+
+* Fri Sep 8 2023 zhangzikang <zhangzikang@kylinos.cn> - 4:5.34.0-10
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix-perl-re.so-undefined-symbol-error
+
+* Fri Aug 25 2023 yangmingtai <yangmingtai@huawei.com> - 4:5.34.0-9
+- fix CVE-2022-48522
+
+* Mon Jun 26 2023 yangmingtai <yangmingtai@huawei.com> - 4:5.34.0-8
+- fix CVE-2023-31486
+
+* Mon May 15 2023 dongyuzhen <dongyuzhen@h-partners.com> 4:5.34.0-7
+- fix CVE-2023-31484
+
+* Fri Jul 01 2022 dongyuzhen <dongyuzhen@h-partners.com> 4:5.34.0-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:Add patches that are deleted during the upgrade
+
+* Tue Jun 21 2022 tianwei<tianwei@h-partners.com> 4:5.34.0-5
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:delete maninfo of Compare and Find packages from perl
+
+* Mon Mar 28 2022 tianwei<tianwei@h-partners.com> 4:5.34.0-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:delete low version files
+
+* Thu Feb 24 2022 yuanxin<yuanxin24@h-partners.com> 4:5.34.0-3
+- Type:CVE
+- ID:CVE-2021-36770
+- SUG:NA
+- DESC:fix CVE-2021-36770
+
+* Wed Jan 05 2022 tianwei<tianwei12@huawei.com> 4:5.34.0-2
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix perl version required for devel
+
+* Wed Dec 29 2021 tianwei<tianwei12@huawei.com> 4:5.34.0-1
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:upgrade version to 5.34.0
+
 * Thu Aug 5 2021 yuanxin<yuanxin24@huawei.com> 4:5.32.0-8
 - Type:bugfix
 - ID:NA
@ -507,14 +577,14 @@ make test_harness
 - SUG:NA
 - DESC:remove perl-DB_File

-* Thu Mar 30 2021 shenyangyang<shenyangyang4@huawei.com> - 4:5.32.0-4
+* Tue Mar 30 2021 shenyangyang<shenyangyang4@huawei.com> - 4:5.32.0-4
 - Type:bugfix
 - ID:NA
 - SUG:NA
 - DESC:Rebuild for openEuler-rpm-config moving /usr/lib/rpm/openEuler/xxxx
       to /usr/lib/xxxx

-* Web Mar 03 2021 wuchaochao<wuchaochao4@huawei.com> - 4:5.32.0-3
+* Wed Mar 03 2021 wuchaochao<wuchaochao4@huawei.com> - 4:5.32.0-3
 - Type:bugfix
 - ID:NA
 - SUG:NA
@ -556,7 +626,7 @@ make test_harness
 - SUG:NA
 - DESC:add macros that used for perl

-* Fri Jan 2 2020 openEuler Buildteam <buildteam@openeuler.org> - 4:5.28.0-430
+* Thu Jan 2 2020 openEuler Buildteam <buildteam@openeuler.org> - 4:5.28.0-430
 - Type:NA
 - ID:NA
 - SUG:NA
Author	SHA1	Message	Date
openeuler-ci-bot	45868fc430	!115 [sync] PR-113: Fix CVE-2023-47100 From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic	2023-12-11 14:03:56 +00:00
h30032433	045ec5d148	Fix CVE-2023-47100 (cherry picked from commit `0c055dc9cd`)	2023-12-11 21:07:37 +08:00
openeuler-ci-bot	c3c3a145b9	!107 [sync] PR-102: Fix CVE-2023-47039 From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic	2023-12-11 02:33:15 +00:00
hongjinghao	30c4ca4a88	Fix CVE-2023-47039 (cherry picked from commit `09d612e356`)	2023-12-08 17:02:01 +08:00
openeuler-ci-bot	5a93e1d593	!100 [sync] PR-99: Fix CVE-2023-47038 From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic	2023-11-27 12:36:51 +00:00
hongjinghao	24d33495b8	Fix CVE-2023-47038 (cherry picked from commit `93b57dc758`)	2023-11-27 19:47:56 +08:00
openeuler-ci-bot	bb3d3ef271	!96 [sync] PR-95: 解决执行“ldd -r re.so”命令有大量的“undefined symbol”报错问题 From: @openeuler-sync-bot Reviewed-by: @dillon_chen Signed-off-by: @dillon_chen	2023-09-12 05:55:37 +00:00
zhangzikang1992	7bc8c72e25	Fix perl-libs re.so undefined symbol error (cherry picked from commit `992e87b23e`)	2023-09-11 17:52:40 +08:00
openeuler-ci-bot	76689db267	!93 [sync] PR-90: fix CVE-2022-48522 From: @openeuler-sync-bot Reviewed-by: @licunlong Signed-off-by: @licunlong	2023-08-26 00:59:31 +00:00
yangmingtai	44d9bf5bca	fix CVE-2022-48522 (cherry picked from commit `6bd423e3f8`)	2023-08-25 17:00:32 +08:00
openeuler-ci-bot	71c7b37917	!84 [sync] PR-78: fix CVE-2023-31486 From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic	2023-06-27 07:45:55 +00:00
yangmingtai	f38118c5ef	fix CVE-2023-31486 (cherry picked from commit `e9025e5ed6`)	2023-06-27 09:30:12 +08:00
openeuler-ci-bot	c76a496118	!75 [sync] PR-72: fix CVE-2023-31484 From: @openeuler-sync-bot Reviewed-by: @openeuler-basic Signed-off-by: @openeuler-basic	2023-05-16 06:08:05 +00:00
dongyuzhen	c8fc1484cf	fix CVE-2023-31484 (cherry picked from commit `95e79a7ba5`)	2023-05-16 10:09:02 +08:00
openeuler-ci-bot	fcd57b3f95	!67 fix the date error in changelog From: @dongyuzhen Reviewed-by: @licunlong Signed-off-by: @licunlong	2022-08-27 06:07:22 +00:00
dongyuzhen	141b5b0cff	fix changelog	2022-08-26 14:46:31 +08:00
openeuler-ci-bot	4bcebe8c1e	!62 添加升级至5.34.0版本误删除的补丁 From: @dongyuzhen Reviewed-by: @overweight Signed-off-by: @overweight	2022-07-04 01:16:47 +00:00
dongyuzhen	da21c6b088	Add patches that are deleted during the upgrade	2022-07-01 17:17:58 +08:00
openeuler-ci-bot	906f16dd4b	!59 delete maninfo of Compare and Find packages from perl From: @weiwei_150212 Reviewed-by: @licunlong Signed-off-by: @licunlong	2022-06-21 08:32:09 +00:00
weiwei_tiantian	57251b26ce	delete maninfo of Compare and Find packages from perl	2022-06-21 15:39:47 +08:00
openeuler-ci-bot	62aa2c02a9	!58 【轻量级 PR】：fix bogus date in %changelog From: @zhangkea Reviewed-by: @licunlong Signed-off-by: @licunlong	2022-06-20 09:02:24 +00:00
zhangkea	10181a858c	fix bogus date in %changelog	2022-06-16 16:59:25 +08:00
openeuler-ci-bot	598e7bc6ac	!53 [sync] PR-52: delete low version files From: @openeuler-sync-bot Reviewed-by: @overweight Signed-off-by: @overweight	2022-03-28 09:21:48 +00:00
weiwei_tiantian	39e34e72d5	delete low version files (cherry picked from commit `7527aa4724`)	2022-03-28 16:24:48 +08:00
openeuler-ci-bot	d52e7ae493	!48 fix CVE-2021-36770 From: @xinyingchao Reviewed-by: @xiezhipeng1 Signed-off-by: @xiezhipeng1	2022-02-24 12:07:42 +00:00
xinyingchao	b0633db262	fix CVE-2021-36770	2022-02-24 16:46:06 +08:00
openeuler-ci-bot	34ad703dbe	!47 fix perl version required for devel Merge pull request !47 from tianwei/openEuler-22.03-LTS-Next	2022-01-05 13:02:41 +00:00
weiwei_tiantian	724835d47a	fix perl version required for devel	2022-01-05 18:15:34 +08:00
openeuler-ci-bot	fc1093bfa5	!46 upgrade version to 5.34.0 Merge pull request !46 from tianwei/openEuler-22.03-LTS-Next	2021-12-31 08:44:55 +00:00
weiwei_tiantian	df33e5a74f	upgrade version to 5.34.0	2021-12-31 16:25:32 +08:00