Apply local patches - perl-5.38.2

ok gkoehler@
Commit and we'll fix fallout bluhm@
Right away, please deraadt@

Fix merge issues, remove excess files - match perl-5.38.2 dist

ok gkoehler@
Commit and we'll fix fallout bluhm@
Right away, please deraadt@

Apply local patches - perl-5.36.0

OK bluhm@
a good time naddy@

Fix merge issues, remove excess files - match perl-5.36.0 dist

OK bluhm@
a good time naddy@

Apply local patches, remove excess files - perl-5.32.1

OK sthen@

Fix merge issues, remove excess files - match perl-5.32.1 dist

OK sthen@

Apply local patches, remove excess files - perl-5.30.1

Timing is good deraadt@, OK sthen@

Fix merge issues, remove excess files - match perl-5.30.1 dist

Timing is good deraadt@, OK sthen@

Apply local patches, remove excess files - perl-5.28.1

looking good sthen@, Great! bluhm@

Fix merge issues, remove excess files - match perl-5.28.1 dist

looking good sthen@, Great! bluhm@

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision

Apply local patches - perl-5.36.0

OK bluhm@
a good time naddy@

Fix merge issues, remove excess files - match perl-5.36.0 dist

OK bluhm@
a good time naddy@

Apply local patches, remove excess files - perl-5.32.1

OK sthen@

Fix merge issues, remove excess files - match perl-5.32.1 dist

OK sthen@

Apply local patches, remove excess files - perl-5.30.1

Timing is good deraadt@, OK sthen@

Fix merge issues, remove excess files - match perl-5.30.1 dist

Timing is good deraadt@, OK sthen@

Apply local patches, remove excess files - perl-5.28.1

looking good sthen@, Great! bluhm@

Fix merge issues, remove excess files - match perl-5.28.1 dist

looking good sthen@, Great! bluhm@

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision

Apply local patches, remove excess files - perl-5.32.1

OK sthen@

Fix merge issues, remove excess files - match perl-5.32.1 dist

OK sthen@

Apply local patches, remove excess files - perl-5.30.1

Timing is good deraadt@, OK sthen@

Fix merge issues, remove excess files - match perl-5.30.1 dist

Timing is good deraadt@, OK sthen@

Apply local patches, remove excess files - perl-5.28.1

looking good sthen@, Great! bluhm@

Fix merge issues, remove excess files - match perl-5.28.1 dist

looking good sthen@, Great! bluhm@

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision

Apply local patches, remove excess files - perl-5.30.1

Timing is good deraadt@, OK sthen@

Fix merge issues, remove excess files - match perl-5.30.1 dist

Timing is good deraadt@, OK sthen@

Apply local patches, remove excess files - perl-5.28.1

looking good sthen@, Great! bluhm@

Fix merge issues, remove excess files - match perl-5.28.1 dist

looking good sthen@, Great! bluhm@

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision

Apply local patches, remove excess files - perl-5.28.1

looking good sthen@, Great! bluhm@

Fix merge issues, remove excess files - match perl-5.28.1 dist

looking good sthen@, Great! bluhm@

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision

Apply local patches, remove excess files - perl-5.24.3

OK bluhm@

Fix merge issues, remove excess files - match perl-5.24.3 dist

ok bluhm@

Apply local patches - perl-5.24.2

OK bluhm@, Reads ok sthen@

Fix merge issues, remove excess files - match perl-5.24.2 dist

OK bluhm@, Reads ok sthen@

Apply local patches - perl-5.24.1

Fix merge issues, remove excess files - match perl-5.24.1 dist

Create perl directories 0775 in OBJDIR

Allows user to clean up after a noperm build

requested and makes sense to tb@

Patch perl CVE-2016-1238

The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.

The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.

The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.


ok deraadt@

branches: 1.8.2; 1.8.4;
Apply local patches, remove excess files - perl-5.20.2

Fix merge issues, remove excess files - match perl-5.20.2 dist

Fix race condition in perl's ExtUtils::MakeMaker

Many thanks to Nathanael Rensen <nathanael at polymorpheus dot com>
for tracking it down and supplying the patch.

Has been reported upstream and the fix incorporated into a larger change
https://github.com/Perl-Toolchain-Gang/ExtUtils-MakeMaker/issues/192

Fix merge conflicts, remove extra files, match upstream perl-5.20.1

ok deraadt@ sthen@ espie@ miod@

Merge perl-5.18.2 plus local patches, remove old files

OK espie@ sthen@ deraadt@

merge/resolve conflicts
(some more to do after this one)

merge in perl 5.12.2 plus local changes

branches: 1.1.1;
Initial revision