import perl-Archive-Zip-1.60-3.el8

.gitignore

@@ -0,0 +1 @@
+SOURCES/Archive-Zip-1.60.tar.gz

.perl-Archive-Zip.metadata

@@ -0,0 +1 @@
+8900c3f288bddec63b429b8f038c71e4f745fbe1 SOURCES/Archive-Zip-1.60.tar.gz

SOURCES/Archive-Zip-1.60-Prevent-from-traversing-symlinks-and-parent-director.patch

@@ -0,0 +1,406 @@
+From 5c79b9faae0f1dd67cc8288964c72c12e03884f8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Fri, 15 Jun 2018 14:49:47 +0200
+Subject: [PATCH] Prevent from traversing symlinks and parent directories when
+ extracting
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If an attacker-supplied archive contains symbolic links and files that
+referes to the symbolic links in their path components, the user can
+be tricked into overwriting any arbitrary file.
+
+The same issue is with archives whose members refer to a parent
+directory (..) in their path components.
+
+This patch fixes it by aborting an extraction (extractTree(),
+extractMember(), extractMemberWithoutPaths()) in those cases by not
+traversing the dangerous paths and returning AZ_ERORR instead.
+
+However, if a user supplies a local file name, the security checks are
+not performed. This is based on the assumption that a user knows
+what's on his local file system.
+
+CVE-2018-10860
+https://bugzilla.redhat.com/show_bug.cgi?id=1591449
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ MANIFEST                               |   3 +
+ lib/Archive/Zip.pm                     |   8 ++
+ lib/Archive/Zip/Archive.pm             |  37 +++++++
+ t/25_traversal.t                       | 189 +++++++++++++++++++++++++++++++++
+ t/data/dotdot-from-unexistant-path.zip | Bin 0 -> 245 bytes
+ t/data/link-dir.zip                    | Bin 0 -> 260 bytes
+ t/data/link-samename.zip               | Bin 0 -> 257 bytes
+ 7 files changed, 237 insertions(+)
+ create mode 100644 t/25_traversal.t
+ create mode 100644 t/data/dotdot-from-unexistant-path.zip
+ create mode 100644 t/data/link-dir.zip
+ create mode 100644 t/data/link-samename.zip
+
+diff --git a/MANIFEST b/MANIFEST
+index 2e9655d..a1bd7d6 100644
+--- a/MANIFEST
++++ b/MANIFEST
+@@ -59,6 +59,7 @@ t/21_zip64.t
+ t/22_deflated_dir.t
+ t/23_closed_handle.t
+ t/24_unicode_win32.t
++t/25_traversal.t
+ t/badjpeg/expected.jpg
+ t/badjpeg/source.zip
+ t/common.pm
+@@ -68,6 +69,7 @@ t/data/crypcomp.zip
+ t/data/crypt.zip
+ t/data/def.zip
+ t/data/defstr.zip
++t/data/dotdot-from-unexistant-path.zip
+ t/data/empty.zip
+ t/data/emptydef.zip
+ t/data/emptydefstr.zip
+@@ -75,6 +77,7 @@ t/data/emptystore.zip
+ t/data/emptystorestr.zip
+ t/data/good_github11.zip
+ t/data/jar.zip
++t/data/link-dir.zip
+ t/data/linux.zip
+ t/data/mkzip.pl
+ t/data/perl.zip
+diff --git a/lib/Archive/Zip.pm b/lib/Archive/Zip.pm
+index ca82e31..907808b 100644
+--- a/lib/Archive/Zip.pm
++++ b/lib/Archive/Zip.pm
+@@ -1145,6 +1145,9 @@ member is used as the name of the extracted file or
+ directory.
+ If you pass C<$extractedName>, it should be in the local file
+ system's format.
++If you do not pass C<$extractedName> and the internal filename traverses
++a parent directory or a symbolic link, the extraction will be aborted with
++C<AC_ERROR> for security reason.
+ All necessary directories will be created. Returns C<AZ_OK>
+ on success.
+ 
+@@ -1162,6 +1165,9 @@ extracted member (its paths will be deleted too). Otherwise,
+ the internal filename of the member (minus paths) is used as
+ the name of the extracted file or directory. Returns C<AZ_OK>
+ on success.
++If you do not pass C<$extractedName> and the internal filename is equalled
++to a local symbolic link, the extraction will be aborted with C<AC_ERROR> for
++security reason.
+ 
+ =item addMember( $member )
+ 
+@@ -1609,6 +1615,8 @@ a/x to f:\d\e\x
+ 
+ a/b/c to f:\d\e\b\c and ignore ax/d/e and d/e
+ 
++If the path to the extracted file traverses a parent directory or a symbolic
++link, the extraction will be aborted with C<AC_ERROR> for security reason.
+ Returns an error code or AZ_OK if everything worked OK.
+ 
+ =back
+diff --git a/lib/Archive/Zip/Archive.pm b/lib/Archive/Zip/Archive.pm
+index 48f0d1a..b0d3e46 100644
+--- a/lib/Archive/Zip/Archive.pm
++++ b/lib/Archive/Zip/Archive.pm
+@@ -185,6 +185,8 @@ sub extractMember {
+         $dirName = File::Spec->catpath($volumeName, $dirName, '');
+     } else {
+         $name = $member->fileName();
++        if ((my $ret = _extractionNameIsSafe($name))
++            != AZ_OK) { return $ret; }
+         ($dirName = $name) =~ s{[^/]*$}{};
+         $dirName = Archive::Zip::_asLocalName($dirName);
+         $name    = Archive::Zip::_asLocalName($name);
+@@ -218,6 +220,8 @@ sub extractMemberWithoutPaths {
+     unless ($name) {
+         $name = $member->fileName();
+         $name =~ s{.*/}{};    # strip off directories, if any
++        if ((my $ret = _extractionNameIsSafe($name))
++            != AZ_OK) { return $ret; }
+         $name = Archive::Zip::_asLocalName($name);
+     }
+     my $rc = $member->extractToFileNamed($name, @_);
+@@ -827,6 +831,37 @@ sub addTreeMatching {
+     return $self->addTree($root, $dest, $matcher, $compressionLevel);
+ }
+ 
++# Check if one of the components of a path to the file or the file name
++# itself is an already existing symbolic link. If yes then return an
++# error. Continuing and writing to a file traversing a link posseses
++# a security threat, especially if the link was extracted from an
++# attacker-supplied archive. This would allow writing to an arbitrary
++# file. The same applies when using ".." to escape from a working
++# directory. <https://bugzilla.redhat.com/show_bug.cgi?id=1591449>
++sub _extractionNameIsSafe {
++    my $name = shift;
++    my ($volume, $directories) = File::Spec->splitpath($name, 1);
++    my @directories = File::Spec->splitdir($directories);
++    if (grep '..' eq $_, @directories) {
++        return _error(
++            "Could not extract $name safely: a parent directory is used");
++    }
++    my @path;
++    my $path;
++    for my $directory (@directories) {
++        push @path, $directory;
++        $path = File::Spec->catpath($volume, File::Spec->catdir(@path), '');
++        if (-l $path) {
++            return _error(
++                "Could not extract $name safely: $path is an existing symbolic link");
++        }
++        if (!-e $path) {
++            last;
++        }
++    }
++    return AZ_OK;
++}
++
+ # $zip->extractTree( $root, $dest [, $volume] );
+ #
+ # $root and $dest are Unix-style.
+@@ -861,6 +896,8 @@ sub extractTree {
+         $fileName =~ s{$pattern}{$dest};       # in Unix format
+                                                # convert to platform format:
+         $fileName = Archive::Zip::_asLocalName($fileName, $volume);
++        if ((my $ret = _extractionNameIsSafe($fileName))
++            != AZ_OK) { return $ret; }
+         my $status = $member->extractToFileNamed($fileName);
+         return $status if $status != AZ_OK;
+     }
+diff --git a/t/25_traversal.t b/t/25_traversal.t
+new file mode 100644
+index 0000000..d03dede
+--- /dev/null
++++ b/t/25_traversal.t
+@@ -0,0 +1,189 @@
++use strict;
++use warnings;
++
++use Archive::Zip qw( :ERROR_CODES );
++use File::Spec;
++use File::Path;
++use lib 't';
++use common;
++
++use Test::More tests => 41;
++
++# These tests check for CVE-2018-10860 vulnerabilities.
++# If an archive contains a symlink and then a file that traverses that symlink,
++# extracting the archive tree could write into an abitrary file selected by
++# the symlink value.
++# Another issue is if an archive contains a file whose path component refers
++# to a parent direcotory. Then extracting that file could write into a file
++# out of current working directory subtree.
++# These tests check extracting of these files is refuses and that they are
++# indeed not created.
++
++# Suppress croaking errors, the tests produce some.
++Archive::Zip::setErrorHandler(sub {});
++my ($existed, $ret, $zip, $allowed_file, $forbidden_file);
++
++# Change working directory to a temporary directory because some tested
++# functions operarates there and we need prepared symlinks there.
++my @data_path = (File::Spec->splitdir(File::Spec->rel2abs('.')), 't', 'data');
++ok(chdir TESTDIR, "Working directory changed");
++
++# Case 1:
++#   link-dir -> /tmp
++#   link-dir/gotcha-linkdir
++# writes into /tmp/gotcha-linkdir file.
++SKIP: {
++    # Symlink tests make sense only if a file system supports them.
++    my $link = 'trylink';
++    $ret = eval { symlink('.', $link)};
++    skip 'Symbolic links are not supported', 12 if $@;
++    unlink $link;
++
++    # Extracting an archive tree must fail
++    $zip = Archive::Zip->new();
++    isa_ok($zip, 'Archive::Zip');
++    is($zip->read(File::Spec->catfile(@data_path, 'link-dir.zip')), AZ_OK,
++        'Archive read');
++    $existed = -e File::Spec->catfile('', 'tmp', 'gotcha-linkdir');
++    $ret = eval { $zip->extractTree() };
++    is($ret, AZ_ERROR, 'Tree extraction aborted');
++    SKIP: {
++        skip 'A canary file existed before the test', 1 if $existed;
++        ok(! -e File::Spec->catfile('link-dir', 'gotcha-linkdir'),
++            'A file was not created in a symlinked directory');
++    }
++    ok(unlink(File::Spec->catfile('link-dir')), 'link-dir removed');
++
++    # The same applies to extracting an archive member without an explicit
++    # local file name. It must abort.
++    $link = 'link-dir';
++    ok(symlink('.', $link), 'A symlink to a directory created');
++    $forbidden_file = File::Spec->catfile($link, 'gotcha-linkdir');
++    $existed = -e $forbidden_file;
++    $ret = eval { $zip->extractMember('link-dir/gotcha-linkdir') };
++    is($ret, AZ_ERROR, 'Member extraction without a local name aborted');
++    SKIP: {
++        skip 'A canary file existed before the test', 1 if $existed;
++        ok(! -e $forbidden_file,
++            'A file was not created in a symlinked directory');
++    }
++
++    # But allow extracting an archive member into a supplied file name
++    $allowed_file = File::Spec->catfile($link, 'file');
++    $ret = eval { $zip->extractMember('link-dir/gotcha-linkdir', $allowed_file) };
++    is($ret, AZ_OK, 'Member extraction passed');
++    ok(-e $allowed_file, 'File created');
++    ok(unlink($allowed_file), 'File removed');
++    ok(unlink($link), 'A symlink to a directory removed');
++}
++
++# Case 2:
++#   unexisting/../../../../../tmp/gotcha-dotdot-unexistingpath
++# writes into ../../../../tmp/gotcha-dotdot-unexistingpath, that is
++# /tmp/gotcha-dotdot-unexistingpath file if CWD is not deeper than
++# 4 directories.
++$zip = Archive::Zip->new();
++isa_ok($zip, 'Archive::Zip');
++is($zip->read(File::Spec->catfile(@data_path,
++            'dotdot-from-unexistant-path.zip')), AZ_OK, 'Archive read');
++$forbidden_file = File::Spec->catfile('..', '..', '..', '..', 'tmp',
++    'gotcha-dotdot-unexistingpath');
++$existed = -e $forbidden_file;
++$ret = eval { $zip->extractTree() };
++is($ret, AZ_ERROR, 'Tree extraction aborted');
++SKIP: {
++    skip 'A canary file existed before the test', 1 if $existed;
++    ok(! -e $forbidden_file, 'A file was not created in a parent directory');
++}
++
++# The same applies to extracting an archive member without an explicit local
++# file name. It must abort.
++$existed = -e $forbidden_file;
++$ret = eval { $zip->extractMember(
++        'unexisting/../../../../../tmp/gotcha-dotdot-unexistingpath',
++    ) };
++is($ret, AZ_ERROR, 'Member extraction without a local name aborted');
++SKIP: {
++    skip 'A canary file existed before the test', 1 if $existed;
++    ok(! -e $forbidden_file, 'A file was not created in a parent directory');
++}
++
++# But allow extracting an archive member into a supplied file name
++ok(mkdir('directory'), 'Directory created');
++$allowed_file = File::Spec->catfile('directory', '..', 'file');
++$ret = eval { $zip->extractMember(
++        'unexisting/../../../../../tmp/gotcha-dotdot-unexistingpath',
++        $allowed_file
++    ) };
++is($ret, AZ_OK, 'Member extraction passed');
++ok(-e $allowed_file, 'File created');
++ok(unlink($allowed_file), 'File removed');
++
++# Case 3:
++#   link-file -> /tmp/gotcha-samename
++#   link-file
++# writes into /tmp/gotcha-samename. It must abort. (Or replace the symlink in
++# more relaxed mode in the future.)
++$zip = Archive::Zip->new();
++isa_ok($zip, 'Archive::Zip');
++is($zip->read(File::Spec->catfile(@data_path, 'link-samename.zip')), AZ_OK,
++    'Archive read');
++$existed = -e File::Spec->catfile('', 'tmp', 'gotcha-samename');
++$ret = eval { $zip->extractTree() };
++is($ret, AZ_ERROR, 'Tree extraction aborted');
++SKIP: {
++    skip 'A canary file existed before the test', 1 if $existed;
++    ok(! -e File::Spec->catfile('', 'tmp', 'gotcha-samename'),
++        'A file was not created through a symlinked file');
++}
++ok(unlink(File::Spec->catfile('link-file')), 'link-file removed');
++
++# The same applies to extracting an archive member using extractMember()
++# without an explicit local file name. It must abort.
++my $link = 'link-file';
++my $target = 'target';
++ok(symlink($target, $link), 'A symlink to a file created');
++$forbidden_file = File::Spec->catfile($target);
++$existed = -e $forbidden_file;
++# Select a member by order due to same file names.
++my $member = ${[$zip->members]}[1];
++ok($member, 'A member to extract selected');
++$ret = eval { $zip->extractMember($member) };
++is($ret, AZ_ERROR,
++    'Member extraction using extractMember() without a local name aborted');
++SKIP: {
++    skip 'A canary file existed before the test', 1 if $existed;
++    ok(! -e $forbidden_file,
++        'A symlinked target file was not created');
++}
++
++# But allow extracting an archive member using extractMember() into a supplied
++# file name.
++$allowed_file = $target;
++$ret = eval { $zip->extractMember($member, $allowed_file) };
++is($ret, AZ_OK, 'Member extraction using extractMember() passed');
++ok(-e $allowed_file, 'File created');
++ok(unlink($allowed_file), 'File removed');
++
++# The same applies to extracting an archive member using
++# extractMemberWithoutPaths() without an explicit local file name.
++# It must abort.
++$existed = -e $forbidden_file;
++# Select a member by order due to same file names.
++$ret = eval { $zip->extractMemberWithoutPaths($member) };
++is($ret, AZ_ERROR,
++    'Member extraction using extractMemberWithoutPaths() without a local name aborted');
++SKIP: {
++    skip 'A canary file existed before the test', 1 if $existed;
++    ok(! -e $forbidden_file,
++        'A symlinked target file was not created');
++}
++
++# But allow extracting an archive member using extractMemberWithoutPaths()
++# into a supplied file name.
++$allowed_file = $target;
++$ret = eval { $zip->extractMemberWithoutPaths($member, $allowed_file) };
++is($ret, AZ_OK, 'Member extraction using extractMemberWithoutPaths() passed');
++ok(-e $allowed_file, 'File created');
++ok(unlink($allowed_file), 'File removed');
++ok(unlink($link), 'A symlink to a file removed');
+diff --git a/t/data/dotdot-from-unexistant-path.zip b/t/data/dotdot-from-unexistant-path.zip
+new file mode 100644
+index 0000000000000000000000000000000000000000..faaa5bb95c4310ad3dfa8ea7bbad6850da3f2095
+GIT binary patch
+literal 245
+zcmWIWW@Zs#0D%jBS9~Vyb&-_^vO(Aih)eTQD>92qGV{{)_4H6sNp69DdVWcAMxt&?
+zehCoiBGeWnmSjNWtQ7S06v{J8G87Q93LxnKZ$>5&X51D7?FNHwjUWo48O04iClPW+
+TfHx}}$OJ|p%mC8mAPxfn{*XXp
+
+literal 0
+HcmV?d00001
+
+diff --git a/t/data/link-dir.zip b/t/data/link-dir.zip
+new file mode 100644
+index 0000000000000000000000000000000000000000..99fbb437ec0bd694b8122cdb1ce8221a3da2e453
+GIT binary patch
+literal 260
+zcmWIWW@Zs#0D<k1mwfb&?B-$tvO$;wh;uUYvUO83i}Xu!3j$D7hJV%T0_g)`ab%V0
+z`6bC2iMk-2K#dTdLRn^_0+6Qw66Ff;W@Hj!#%(FkG%)zT5JbV8fUXPO0T4Y54BHyD
+ZkaX#zIw!!Jl?|kj2?(o!bTNp-004oiIM)CG
+
+literal 0
+HcmV?d00001
+
+diff --git a/t/data/link-samename.zip b/t/data/link-samename.zip
+new file mode 100644
+index 0000000000000000000000000000000000000000..e9036c0348f5fb9536cb7ee0f2c09b9ef595a12c
+GIT binary patch
+literal 257
+zcmWIWW@Zs#00HsHOFm_vR<nY5Aj}EGIhlFcx@nm?srn_k1^VgvCCM3yy2XjPsd+#g
+zfTHz8cF##^pcW8D(F)O}P?njf0Me-o(wd?GGMOvDn~_O`8MpO7qrl+*LJ$Ra47xUS
+bt09^g7`8Q9qiSPi14%IfVIGjK1#uVvx^_1y
+
+literal 0
+HcmV?d00001
+
+-- 
+2.14.4
+

SPECS/perl-Archive-Zip.spec

@@ -0,0 +1,325 @@
+Name:           perl-Archive-Zip
+Version:        1.60
+Release:        3%{?dist}
+Summary:        Perl library for accessing Zip archives
+# lib/Archive/Zip/Member.pm:    (GPL+ or Artistic) and BSD
+#                               (The _mapPermissionsToUnix() comments are
+#                               copied from BSD-licensed unzip)
+# other files:                  GPL+ or Artistic
+License:        (GPL+ or Artistic) and BSD
+URL:            https://metacpan.org/release/Archive-Zip
+Source0:        https://cpan.metacpan.org/authors/id/P/PH/PHRED/Archive-Zip-%{version}.tar.gz
+# Fix CVE-2018-10860 (a directory and symbolic link traversal), bug #1596131,
+# in upstream after 1.60.
+Patch0:         Archive-Zip-1.60-Prevent-from-traversing-symlinks-and-parent-director.patch
+BuildArch:      noarch
+# For a Git binary patch
+BuildRequires:  git-core
+BuildRequires:  make
+BuildRequires:  perl-interpreter
+BuildRequires:  perl-generators
+BuildRequires:  perl(:VERSION) >= 5.4
+BuildRequires:  perl(Config)
+BuildRequires:  perl(ExtUtils::MakeMaker) >= 6.76
+BuildRequires:  perl(strict)
+# Run-time
+BuildRequires:  perl(:VERSION) >= 5.6
+BuildRequires:  perl(bytes)
+BuildRequires:  perl(Carp)
+BuildRequires:  perl(Compress::Raw::Zlib)
+BuildRequires:  perl(constant)
+BuildRequires:  perl(Cwd)
+BuildRequires:  perl(Data::Dumper)
+BuildRequires:  perl(Encode)
+BuildRequires:  perl(Exporter)
+BuildRequires:  perl(File::Basename)
+BuildRequires:  perl(File::Copy)
+BuildRequires:  perl(File::Find)
+BuildRequires:  perl(File::Path)
+BuildRequires:  perl(File::Spec) >= 0.80
+BuildRequires:  perl(File::Temp)
+BuildRequires:  perl(FileHandle)
+BuildRequires:  perl(integer)
+BuildRequires:  perl(IO::File)
+BuildRequires:  perl(IO::Seekable)
+BuildRequires:  perl(Time::Local)
+BuildRequires:  perl(vars)
+# Tests
+BuildRequires:  perl(File::Spec::Unix)
+# IO::Scalar not used
+BuildRequires:  perl(lib)
+BuildRequires:  perl(Test::MockModule)
+BuildRequires:  perl(Test::More) >= 0.88
+BuildRequires:  perl(utf8)
+BuildRequires:  perl(warnings)
+BuildRequires:  unzip
+BuildRequires:  zip
+Requires:       perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
+Requires:       perl(Exporter)
+Requires:       perl(File::Spec) >= 0.80
+
+# Remove under-specified dependencies
+%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(File::Spec\\)$
+
+%description
+The Archive::Zip module allows a Perl program to create, manipulate,
+read, and write Zip archive files.
+Zip archives can be created, or you can read from existing zip files.
+Once created, they can be written to files, streams, or strings.
+Members can be added, removed, extracted, replaced, rearranged, and
+enumerated.  They can also be renamed or have their dates, comments,
+or other attributes queried or modified.  Their data can be compressed
+or uncompressed as needed.  Members can be created from members in
+existing Zip files, or from existing directories, files, or strings.
+
+
+%prep
+%autosetup -S git -n Archive-Zip-%{version}
+for F in examples/*.pl; do
+    perl -MExtUtils::MakeMaker -e "ExtUtils::MM_Unix->fixin(q{$F})"
+done
+
+
+%build
+perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1
+make %{?_smp_mflags}
+
+
+%install
+make pure_install DESTDIR=$RPM_BUILD_ROOT
+%{_fixperms} $RPM_BUILD_ROOT/*
+
+
+%check
+make test
+
+
+%files
+%doc Changes examples/
+%{_bindir}/crc32
+%{perl_vendorlib}/Archive/
+%{_mandir}/man3/Archive*.3*
+
+
+%changelog
+* Tue Jul 10 2018 Petr Pisar <ppisar@redhat.com> - 1.60-3
+- Fix CVE-2018-10860 (a directory and symbolic link traversal) (bug #1596131)
+
+* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.60-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Dec 20 2017 Jitka Plesnikova <jplesnik@redhat.com> - 1.60-1
+- 1.60 bump
+
+* Tue Dec 19 2017 Petr Pisar <ppisar@redhat.com> - 1.59-6
+- Fix shellbang in examples/selfex.pl documentation (CPAN RT#123913)
+- Modernize spec file
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.59-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Mon Jun 05 2017 Jitka Plesnikova <jplesnik@redhat.com> - 1.59-4
+- Perl 5.26 rebuild
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.59-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Tue Sep 20 2016 Petr Pisar <ppisar@redhat.com> - 1.59-2
+- License tag corrected to ((GPL+ or Artistic) and BSD)
+
+* Fri Aug 12 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.59-1
+- 1.59 bump
+
+* Mon Aug 08 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.58-1
+- 1.58 bump
+
+* Sun May 15 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.57-2
+- Perl 5.24 rebuild
+
+* Mon Apr 04 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.57-1
+- 1.57 bump
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.56-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Mon Dec 21 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.56-1
+- 1.56 bump
+
+* Mon Dec 07 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.55-1
+- 1.55 bump
+
+* Fri Sep 25 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.53-1
+- 1.53 bump
+
+* Tue Sep 22 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.51-1
+- 1.51 bump
+
+* Wed Aug 26 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.50-1
+- 1.50 bump
+
+* Mon Aug 03 2015 Petr Pisar <ppisar@redhat.com> - 1.49-1
+- 1.49 bump
+
+* Fri Jun 19 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.48-1
+- 1.48 bump
+
+* Thu Jun 18 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.47-1
+- 1.47 bump
+
+* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.46-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed Jun 03 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.46-2
+- Perl 5.22 rebuild
+
+* Wed Mar 25 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.46-1
+- 1.46 bump
+
+* Tue Feb 10 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.45-1
+- 1.45 bump
+
+* Thu Jan 15 2015 Petr Pisar <ppisar@redhat.com> - 1.39-2
+- Correct dependencies
+- Improve sharpbang fix
+
+* Wed Oct 22 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.39-1
+- 1.39 bump
+
+* Wed Sep 10 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.38-1
+- 1.38 bump
+
+* Wed Aug 27 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.37-3
+- Perl 5.20 rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.37-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Wed Jan 15 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.37-1
+- 1.37 bump
+
+* Thu Jan 02 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.36-1
+- 1.36 bump
+
+* Tue Dec 10 2013 Jitka Plesnikova <jplesnik@redhat.com> - 1.34-1
+- 1.34 bump
+
+* Fri Nov 22 2013 Jitka Plesnikova <jplesnik@redhat.com> - 1.33-1
+- 1.33 bump
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Thu Jul 18 2013 Petr Pisar <ppisar@redhat.com> - 1.30-12
+- Perl 5.18 rebuild
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Mon Jun 11 2012 Petr Pisar <ppisar@redhat.com> - 1.30-9
+- Perl 5.16 rebuild
+- Specify all dependencies
+
+* Mon Mar 19 2012 Marcela Mašláňová <mmaslano@redhat.com> - 1.30-8
+- 543660 apply patch from rt cpan 54827
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Jul 19 2011 Petr Sabata <contyk@redhat.com> - 1.30-6
+- Perl mass rebuild
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Dec 15 2010 Marcela Maslanova <mmaslano@redhat.com> - 1.30-4
+- 661697 rebuild for fixing problems with vendorach/lib
+
+* Thu Apr 29 2010 Marcela Maslanova <mmaslano@redhat.com> - 1.30-3
+- Mass rebuild with perl-5.12.0
+
+* Mon Dec  7 2009 Stepan Kasal <skasal@redhat.com> - 1.30-2
+- rebuild against perl 5.10.1
+
+* Mon Jul 27 2009 Marcela Mašláňová <mmaslano@redhat.com> - 1.30-1
+- update to 1.30
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.23-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.23-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri May 16 2008 Steven Pritchard <steve@kspei.com> 1.23-1
+- Update to 1.23.
+
+* Wed Feb 27 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.20-5
+- Rebuild for perl 5.10 (again)
+
+* Fri Jan 11 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.20-4
+- rebuild for new perl
+
+* Thu Aug 23 2007 Robin Norwood <rnorwood@redhat.com> - 1.20-3
+- Fix license tag
+
+* Wed Jun 27 2007 Robin Norwood <rnorwood@redhat.com> - 1.20-2
+- Resolves: rhbz#226240
+- Incorporate changes from Steven Pritchard's package review
+- Fix find option order.
+- Use fixperms macro instead of our own chmod incantation.
+- Remove check macro cruft.
+- Update build dependencies.
+- Package LICENSE.
+- BR unzip, zip for better test coverage.
+
+* Tue Jun 05 2007 Robin Norwood <rnorwood@redhat.com> - 1.20-1
+- Update to latest CPAN version: 1.20
+- Fix broken changelog
+
+* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.16-1.2.1
+- rebuild
+
+* Fri Feb 03 2006 Jason Vas Dias<jvdias@redhat.com> - 1.16-1.2
+- rebuilt for new perl-5.8.8
+
+* Fri Dec 16 2005 Jesse Keating <jkeating@redhat.com>
+- rebuilt for new gcc
+
+* Mon Jul 11 2005 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.16-1
+- Update to 1.16.
+
+* Thu Apr 14 2005 Jose Pedro Oliveira <jpo at di.uminho.pt> - 1.14-1
+- Update to 1.14.
+
+* Fri Apr  8 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
+- rebuilt
+
+* Sun Aug 15 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:1.12-0.fdr.1
+- Update to 1.12.
+
+* Tue Jul  6 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:1.11-0.fdr.1
+- Update to 1.11.
+- Bring up to date with current fedora.us Perl spec template.
+
+* Sun Apr 18 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:1.10-0.fdr.1
+- Update to 1.10.
+- Reduce directory ownership bloat.
+- Require perl(:MODULE_COMPAT_*).
+
+* Fri Nov 28 2003 Ville Skyttä <ville.skytta at iki.fi> - 0:1.09-0.fdr.1
+- Update to 1.09.
+
+* Wed Oct 22 2003 Ville Skyttä <ville.skytta at iki.fi> - 0:1.08-0.fdr.1
+- Update to 1.08.
+
+* Tue Oct 21 2003 Ville Skyttä <ville.skytta at iki.fi> - 0:1.07-0.fdr.1
+- Update to 1.07.
+
+* Sun Sep 14 2003 Ville Skyttä <ville.skytta at iki.fi> - 0:1.06-0.fdr.1
+- Update to 1.06.
+- Specfile cleanups.
+
+* Sun Jun  8 2003 Ville Skyttä <ville.skytta at iki.fi> - 0:1.05-0.fdr.1
+- First build.