main/perl: upgrade to 5.40.2

2026-05-05 12:26:52 +02:00 · 2025-04-15 15:50:09 +00:00 · 2025-04-15 15:50:09 +00:00 · 090377c19b
commit 090377c19b
parent 0179c68796
2 changed files with 3 additions and 31 deletions
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
@ -3,8 +3,8 @@
 # Maintainer: Celeste <cielesti@protonmail.com>
 maintainer="Celeste <cielesti@protonmail.com>"
 pkgname=perl
-pkgver=5.40.1
-pkgrel=1
+pkgver=5.40.2
+pkgrel=0
 pkgdesc="Larry Wall's Practical Extraction and Report Language"
 url="https://www.perl.org/"
 arch="all"
@ -19,7 +19,6 @@ source="https://www.cpan.org/src/5.0/perl-$pkgver.tar.xz
 	musl-skip-dst-test.patch
 	musl-stack-size.patch
 	skip-test-due-to-busybox-ps.patch
-	CVE-2024-56406.patch
 	"
 # creates empty usr/local/{lib,share} for local sitedirs
 options="!fhs"
@ -197,12 +196,11 @@ utils() {
 }

 sha512sums="
-3ff16b3462ce43ff38dab21b3dfc20f81772b8c9eac19ab96ba2d5e6cbb390e2302fa76c4879f915249357cd11c7ec0d548bcbf3ab2c156df1b9fca95da3f545  perl-5.40.1.tar.xz
+1324b119e4370bbeb47a343d152f46c637addb0373ff07f0e214aa9d5912c03cd2bd23987a6e86d43453166412d3a03a52e780201941f679ef4186df16590e41  perl-5.40.2.tar.xz
 59afa4c166e4808d355e19cd70748540ffce9da5c6919c71648be7678de328409f9121ddea33415add73fc01a22e95ed9d9629f31b8ba20b3bbfc04dab926c63  digest-sha-cflags.patch
 abae709290306a8fbc96b604b9b38fc09a46ae178f3e77944813f1b46c78e2e3654e5c3b3a6aca96684a2d1061e2871376d508fbe82604864055309156b4d0d8  dont-write-packlist.patch
 4e8a655160e54a151e0bc4819fd1cd69e43c1e36844bcefbb9734f36130a2d9e1700b1aa64153a9d20a8deb875e904876dbe7b14dd278266b21a86a33d91eebd  json-pp-options.patch
 3eaec691bc38e208ba4f34130ae45e50b6c339fa50093d0b0f6d7f24cb5b7c2a3734ca714a279c4b51173f82e46a8e7a3e70bfc7d7471a18c55a2102140e4186  musl-skip-dst-test.patch
 c004d6612ec754e5947255a2e2d15b5581f187c32495aeeec9f4fa286919bd9f40c72b63db61e3f4004b09288af2063a6a14b67e5c289e9a8b23ebd7c216e16f  musl-stack-size.patch
 ba9cb1ff4a6e8e4c31bf4ef132c071ac919ffe45842cf5e98c8ca72d78ef4803883b57a0e7b8037da0079561a6ce9e6bd8d127892ac1bcb047638cb3ba3157f6  skip-test-due-to-busybox-ps.patch
-45bc05ea9efa9e527ecff4a4796b97fa34cbdf86e736d968c7cca90b372f2b7f4f351b577e4d61d71d6250088735bbf193e757467dc29c568fbc4c15baef9aba  CVE-2024-56406.patch
 "
--- a/main/perl/CVE-2024-56406.patch
+++ b/main/perl/CVE-2024-56406.patch
@ -1,26 +0,0 @@
-From 87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd Mon Sep 17 00:00:00 2001
-From: Karl Williamson <khw@cpan.org>
-Date: Wed, 18 Dec 2024 18:25:29 -0700
-Subject: [PATCH] CVE-2024-56406: Heap-buffer-overflow with tr//
-
-This was due to underallocating needed space.  If the translation forces
-something to become UTF-8 that is initially bytes, that UTF-8 could
-now require two bytes where previously a single one would do.
-
-(cherry picked from commit f93109c8a6950aafbd7488d98e112552033a3686)
---
- op.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/op.c b/op.c
-index 69ff030e88eb..298b2926338a 100644
--- a/op.c
-+++ b/op.c
-@@ -6881,6 +6881,7 @@ S_pmtrans(pTHX_ OP *o, OP *expr, OP *repl)
-                  * same time.  But otherwise one crosses before the other */
-                 if (t_cp < 256 && r_cp_end > 255 && r_cp != t_cp) {
-                     can_force_utf8 = TRUE;
-+                    max_expansion = MAX(2, max_expansion);
-                 }
-             }
-