Merge updates from debian/bullseye-security

9b51ba33 · Apertis CI robot · 3bebfa6e · 306d4d14 · 9b51ba33 · 9b51ba33
Commit 9b51ba33 authored 3 years ago by Apertis CI robot
--- a/debian/changelog
+++ b/debian/changelog
+libencode-perl (3.08-1+deb11u1+apertis0) apertis; urgency=medium
+
+  * Sync from debian/bullseye-security.
+
+ -- Apertis CI <devel@lists.apertis.org>  Wed, 11 Aug 2021 16:18:15 +0000
+
+libencode-perl (3.08-1+deb11u1) bullseye-security; urgency=high
+
+  * [SECURITY] CVE-2021-36770: Encode loading code from working directory
+
+ -- Niko Tyni <ntyni@debian.org>  Fri, 06 Aug 2021 21:49:32 +0300
+
 libencode-perl (3.08-1apertis0) apertis; urgency=medium

  * Import from Debian bullseye.

--- a/debian/patches/0001-mitigate-INC-pollution-when-loading-ConfigLocal.patch
+++ b/debian/patches/0001-mitigate-INC-pollution-when-loading-ConfigLocal.patch
+From 200652dec217550188bf7984021552bd4114fe34 Mon Sep 17 00:00:00 2001
+From: Ricardo Signes <rjbs@semiotic.systems>
+Date: Sat, 17 Jul 2021 14:46:10 -0400
+Subject: [PATCH] mitigate @INC pollution when loading ConfigLocal
+
+---
+ Encode.pm | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Encode.pm b/Encode.pm
+index d3eb3c1..9fb5fc7 100644
+--- a/Encode.pm
+++ b/Encode.pm
+@@ -65,8 +65,8 @@ require Encode::Config;
+ eval {
+     local $SIG{__DIE__};
+     local $SIG{__WARN__};
+-    local @INC = @INC || ();
+-    pop @INC if $INC[-1] eq '.';
+    local @INC = @INC;
+    pop @INC if @INC && $INC[-1] eq '.';
+     require Encode::ConfigLocal;
+ };
+ 
+-- 
+2.29.2
+
--- a/debian/patches/series
+++ b/debian/patches/series
+0001-mitigate-INC-pollution-when-loading-ConfigLocal.patch