main/perl: upgrade to 5.38.5

https://www.nntp.perl.org/group/perl.perl5.porters/2025/08/msg270152.html
2026-02-16 05:11:59 +01:00 · 2025-08-03 13:48:33 +00:00 · 2025-08-03 13:48:33 +00:00 · a1b19b36e2
commit a1b19b36e2
parent 448c64cf5d
2 changed files with 5 additions and 32 deletions
--- a/main/perl/APKBUILD
+++ b/main/perl/APKBUILD
@ -2,8 +2,8 @@
 # Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
 # Contributor: Valery Kartel <valery.kartel@gmail.com>
 pkgname=perl
-pkgver=5.38.3
-pkgrel=1
+pkgver=5.38.5
+pkgrel=0
 pkgdesc="Larry Wall's Practical Extraction and Report Language"
 url="https://www.perl.org/"
 arch="all"
@ -11,12 +11,12 @@ license="Artistic-1.0-Perl OR GPL-1.0-or-later"
 depends_dev="perl-utils=$pkgver-r$pkgrel"
 makedepends="bzip2-dev zlib-dev"
 subpackages="$pkgname-doc $pkgname-dev $pkgname-utils::noarch miniperl"
-source="https://www.cpan.org/src/5.0/perl-$pkgver.tar.xz
+#source="https://www.cpan.org/src/5.0/perl-$pkgver.tar.xz
+source="https://cpan.metacpan.org/authors/id/S/SH/SHAY/perl-$pkgver.tar.xz
 	digest-sha-cflags.patch
 	musl-skip-dst-test.patch
 	skip-test-due-to-busybox-ps.patch
 	musl-stack-size.patch
-	CVE-2024-56406.patch
 	"
 # creates empty usr/local/{lib,share} for local sitedirs
 options="!fhs"
@ -190,10 +190,9 @@ utils() {
 }

 sha512sums="
-4c81d34589e560dae8740cbdd8e29f103ba2c297a5c1d6196f78967f89d1a786d0ee5075e0eac9825c0d5130078803b39ffbde2cec4540f3d4f76530f3bf53b7  perl-5.38.3.tar.xz
+d95c7d2dcd275db127e1da32ee105cbb7d944aa9d6e61c994ef7af6afdb3d0445af564b93a0df4adeb599a97efb4491488e448b149512beb3c1954306ed29ca3  perl-5.38.5.tar.xz
 59afa4c166e4808d355e19cd70748540ffce9da5c6919c71648be7678de328409f9121ddea33415add73fc01a22e95ed9d9629f31b8ba20b3bbfc04dab926c63  digest-sha-cflags.patch
 3eaec691bc38e208ba4f34130ae45e50b6c339fa50093d0b0f6d7f24cb5b7c2a3734ca714a279c4b51173f82e46a8e7a3e70bfc7d7471a18c55a2102140e4186  musl-skip-dst-test.patch
 ba9cb1ff4a6e8e4c31bf4ef132c071ac919ffe45842cf5e98c8ca72d78ef4803883b57a0e7b8037da0079561a6ce9e6bd8d127892ac1bcb047638cb3ba3157f6  skip-test-due-to-busybox-ps.patch
 c004d6612ec754e5947255a2e2d15b5581f187c32495aeeec9f4fa286919bd9f40c72b63db61e3f4004b09288af2063a6a14b67e5c289e9a8b23ebd7c216e16f  musl-stack-size.patch
-45bc05ea9efa9e527ecff4a4796b97fa34cbdf86e736d968c7cca90b372f2b7f4f351b577e4d61d71d6250088735bbf193e757467dc29c568fbc4c15baef9aba  CVE-2024-56406.patch
 "
--- a/main/perl/CVE-2024-56406.patch
+++ b/main/perl/CVE-2024-56406.patch
@ -1,26 +0,0 @@
-From 87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd Mon Sep 17 00:00:00 2001
-From: Karl Williamson <khw@cpan.org>
-Date: Wed, 18 Dec 2024 18:25:29 -0700
-Subject: [PATCH] CVE-2024-56406: Heap-buffer-overflow with tr//
-
-This was due to underallocating needed space.  If the translation forces
-something to become UTF-8 that is initially bytes, that UTF-8 could
-now require two bytes where previously a single one would do.
-
-(cherry picked from commit f93109c8a6950aafbd7488d98e112552033a3686)
---
- op.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/op.c b/op.c
-index 69ff030e88eb..298b2926338a 100644
--- a/op.c
-+++ b/op.c
-@@ -6881,6 +6881,7 @@ S_pmtrans(pTHX_ OP *o, OP *expr, OP *repl)
-                  * same time.  But otherwise one crosses before the other */
-                 if (t_cp < 256 && r_cp_end > 255 && r_cp != t_cp) {
-                     can_force_utf8 = TRUE;
-+                    max_expansion = MAX(2, max_expansion);
-                 }
-             }
-