.gitignore

@@ -1 +1 @@
-SOURCES/CPAN-2.29.tar.gz
+SOURCES/CPAN-2.28.tar.gz

.perl-CPAN.metadata

@@ -1 +1 @@
-de996cc835df14685145bb52fea041d53ba59497 SOURCES/CPAN-2.29.tar.gz
+0609615e9d6b9ba50821aa6a8b14b528f2633ff6 SOURCES/CPAN-2.28.tar.gz

SOURCES/CPAN-2.32-s-dev-null-devnull.patch

@@ -1,26 +0,0 @@
-From 89b13baf1d46e4fb10023af30ef305efec4fd603 Mon Sep 17 00:00:00 2001
-From: Andreas Koenig <andk@cpan.org>
-Date: Wed, 12 Jan 2022 21:53:35 +0100
-Subject: [PATCH 2/2] s,/dev/null,$devnull,
-
-- another thanks to Tomas Hoger for spotting that
----
- lib/CPAN/Distribution.pm | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/CPAN/Distribution.pm b/lib/CPAN/Distribution.pm
-index d837b8ad..6ca1b434 100644
---- a/lib/CPAN/Distribution.pm
-+++ b/lib/CPAN/Distribution.pm
-@@ -1554,7 +1554,7 @@ sub CHECKSUM_check_file {
-         my $devnull = File::Spec->devnull;
-         my $gpg = $CPAN::Config->{gpg} or
-             $CPAN::Frontend->mydie("Your configuration suggests that you do not have 'gpg' installed. This is needed to verify checksums with the config variable 'check_sigs' on. Please configure it with 'o conf init gpg'");
--        my $system = qq{"$gpg" --verify --batch --no-tty --output "$tempfile" "$chk_file" 2> "/dev/null"};
-+        my $system = qq{"$gpg" --verify --batch --no-tty --output "$tempfile" "$chk_file" 2> "$devnull"};
-         0 == system $system or $CPAN::Frontend->mydie("gpg run was failing, cannot continue: $system");
-         open $fh, $tempfile or $CPAN::Frontend->mydie("Could not open $tempfile: $!");
-         local $/;
--- 
-2.34.1
-

SOURCES/CPAN-2.32-s-gpg-gpg-in-system-add-quotes-where-needed.patch

@@ -1,29 +0,0 @@
-From 7d4d5e32bcd9b75f7bf70a395938a48ca4a06d25 Mon Sep 17 00:00:00 2001
-From: Andreas Koenig <andk@cpan.org>
-Date: Mon, 10 Jan 2022 21:47:30 +0100
-Subject: [PATCH 1/2] s/gpg/$gpg/ in system, add quotes where needed
-
-- thanks to Tomas Hoger for spotting the missing sigil
----
- lib/CPAN/Distribution.pm | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/CPAN/Distribution.pm b/lib/CPAN/Distribution.pm
-index b262b6f6..d837b8ad 100644
---- a/lib/CPAN/Distribution.pm
-+++ b/lib/CPAN/Distribution.pm
-@@ -1551,9 +1551,10 @@ sub CHECKSUM_check_file {
-         }
-         my $tempfile = File::Spec->catfile($tempdir, "CHECKSUMS.$$");
-         unlink $tempfile; # ignore missing file
-+        my $devnull = File::Spec->devnull;
-         my $gpg = $CPAN::Config->{gpg} or
-             $CPAN::Frontend->mydie("Your configuration suggests that you do not have 'gpg' installed. This is needed to verify checksums with the config variable 'check_sigs' on. Please configure it with 'o conf init gpg'");
--        my $system = "gpg --verify --batch --no-tty --output $tempfile $chk_file 2> /dev/null";
-+        my $system = qq{"$gpg" --verify --batch --no-tty --output "$tempfile" "$chk_file" 2> "/dev/null"};
-         0 == system $system or $CPAN::Frontend->mydie("gpg run was failing, cannot continue: $system");
-         open $fh, $tempfile or $CPAN::Frontend->mydie("Could not open $tempfile: $!");
-         local $/;
--- 
-2.34.1
-

SOURCES/CPAN-2.35-Add-verify-SSL.patch

@@ -1,13 +0,0 @@
-Add verify_SSL=>1 to HTTP::Tiny to verify https server identity (Stig Palmquist)
-
-diff -u -r CPAN-2.29.orig/lib/CPAN/HTTP/Client.pm CPAN-2.29/lib/CPAN/HTTP/Client.pm
---- CPAN-2.29.orig/lib/CPAN/HTTP/Client.pm	2023-08-01 16:19:19.216625710 +0200
-+++ CPAN-2.29/lib/CPAN/HTTP/Client.pm	2023-08-01 16:28:29.323221118 +0200
-@@ -32,6 +32,7 @@
- 
-     my $want_proxy = $self->_want_proxy($uri);
-     my $http = HTTP::Tiny->new(
-+        verify_SSL => 1,
-         $want_proxy ? (proxy => $self->{proxy}) : ()
-     );
- 

SPECS/perl-CPAN.spec

@@ -9,8 +9,8 @@
 %endif
 
 Name:           perl-CPAN
-Version:        2.29
-Release:        3%{?dist}
+Version:        2.28
+Release:        5%{?dist}
 Summary:        Query, download and build perl modules from CPAN sites
 License:        GPL+ or Artistic
 URL:            https://metacpan.org/release/CPAN
@@ -19,11 +19,6 @@ Source0:        https://cpan.metacpan.org/authors/id/A/AN/ANDK/CPAN-%{version}.t
 Patch0:         CPAN-2.18-Attemp-to-create-site-library-directories-on-first-t.patch
 # Change configuration directory name
 Patch1:         CPAN-2.18-Replace-configuration-directory-string-with-a-marke.patch
-# Some syntax fixes
-Patch2:         CPAN-2.32-s-gpg-gpg-in-system-add-quotes-where-needed.patch
-Patch3:         CPAN-2.32-s-dev-null-devnull.patch
-# CVE-2023-31484 - Add verify_SSL => 1
-Patch4:         CPAN-2.35-Add-verify-SSL.patch
 BuildArch:      noarch
 BuildRequires:  coreutils
 BuildRequires:  findutils
@@ -74,7 +69,6 @@ BuildRequires:  perl(Getopt::Std)
 # HTTP::Request is optional
 BuildRequires:  perl(HTTP::Tiny) >= 0.005
 BuildRequires:  perl(if)
-# IO::Socket::SSL 1.56 is optional
 # YAML::XS or YAML::Syck or JSON::PP, we already use YAML::Syck at a different
 # place, keep JSON::PP optional
 BuildRequires:  perl(lib)
@@ -87,7 +81,6 @@ BuildRequires:  perl(lib)
 # Net::Config not used at tests
 # Net::FTP not used at tests
 # Net::Ping is required but >= 2.13 version is a soft dependency
-# Net::SSLeay 1.49 is optional
 BuildRequires:  perl(Net::Ping)
 BuildRequires:  perl(overload)
 # Pod::Perldoc is optional
@@ -212,11 +205,6 @@ Requires:       perl(Digest::SHA)
 Requires:       perl(Dumpvalue)
 Requires:       perl(ExtUtils::CBuilder)
 %if ! %{defined perl_bootstrap}
-Requires:       perl(IO::Socket::SSL) >= 1.56
-Requires:       perl(Net::SSLeay) >= 1.49
-Requires:       perl(Module::Signature)
-%endif
-%if ! %{defined perl_bootstrap}
 # Avoid circular deps local::lib -> Module::Install -> CPAN when bootstraping
 # local::lib recommended by CPAN::FirstTime default choice, bug #1122498
 Requires:       perl(local::lib)
@@ -240,10 +228,7 @@ Provides:       cpan = %{version}
 %global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(Mac::BuildTools\\)
 # Filter under-specified dependencies
 %global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(CPAN::Meta::Requirements\\)
-# Filter modules bundled for tests
-%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir}
-%global __requires_exclude %{__requires_exclude}|^perl\\(CPAN::MyConfig\\)
-%global __requires_exclude %{__requires_exclude}|^perl\\(local_utils\\)
+
 
 %description
 The CPAN module automates or at least simplifies the make and install of
@@ -251,34 +236,16 @@ perl modules and extensions. It includes some primitive searching
 capabilities and knows how to use LWP, HTTP::Tiny, Net::FTP and certain
 external download clients to fetch distributions from the net.
 
-%package tests
-Summary:        Tests for %{name}
-Requires:       %{name} = %{?epoch:%{epoch}:}%{version}-%{release}
-Requires:       perl-Test-Harness
-
-%description tests
-Tests from %{name}. Execute them
-with "%{_libexecdir}/%{name}/test".
-
 %prep
 %setup -q -n CPAN-%{version}
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
 # Change configuration name
 find -type f -exec perl -i -pe 's/XCPANCONFIGNAMEX/cpan/g' {} \;
 # Remove bundled modules
 rm -r ./inc/*
 perl -i -ne 'print $_ unless m{^inc/}' MANIFEST
 
-# Help generators to recognize Perl scripts
-for F in t/*.t; do
-    perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F"
-    chmod +x "$F"
-done
-
 %build
 perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1
 %{make_build}
@@ -287,38 +254,6 @@ perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1
 %{make_install}
 %{_fixperms} $RPM_BUILD_ROOT/*
 
-# Install tests
-mkdir -p %{buildroot}%{_libexecdir}/%{name}
-cp -a t distroprefs %{buildroot}%{_libexecdir}/%{name}
-# Does not work with system module
-rm %{buildroot}%{_libexecdir}/%{name}/t/51pod.t
-# Remove the tests which need ./lib and ./blib
-rm %{buildroot}%{_libexecdir}/%{name}/t/03pkgs.t
-rm %{buildroot}%{_libexecdir}/%{name}/t/04clean_load.t
-# Needed internet connection
-rm %{buildroot}%{_libexecdir}/%{name}/t/31sessions.t
-# Use system modules for tests
-perl -i -ple 's{-Mblib}{}' %{buildroot}%{_libexecdir}/%{name}/t/97-run.t
-perl -i -ple 's{-Mblib}{}' %{buildroot}%{_libexecdir}/%{name}/t/97-return_values.t
-mkdir -p %{buildroot}%{_libexecdir}/%{name}/blib/script
-ln -s %{_bindir}/cpan %{buildroot}%{_libexecdir}/%{name}/blib/script
-cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF'
-#!/bin/sh
-set -e
-unset AUTHOR_TEST CPAN_EXPECT_TIMEOUT CPAN_RUN_SHELL_TEST_WITHOUT_EXPECT \
-    ftp_proxy http_proxy no_proxy \
-    PERL5_CPAN_IS_RUNNING PERL5_CPAN_IS_RUNNING_IN_RECURSION PERL_CORE VERBOSE
-# Some tests write into temporary files/directories. The easiest solution
-# is to copy the tests into a writable directory and execute them from there.
-DIR=$(mktemp -d)
-pushd "$DIR"
-cp -a %{_libexecdir}/%{name}/* ./
-prove -I . -j "$(getconf _NPROCESSORS_ONLN)"
-popd
-rm -rf "$DIR"
-EOF
-chmod +x %{buildroot}%{_libexecdir}/%{name}/test
-
 %check
 unset AUTHOR_TEST CPAN_EXPECT_TIMEOUT CPAN_RUN_SHELL_TEST_WITHOUT_EXPECT \
     ftp_proxy http_proxy no_proxy \
@@ -332,30 +267,7 @@ make test
 %{_mandir}/man1/*
 %{_mandir}/man3/*
 
-%files tests
-%{_libexecdir}/%{name}
-
 %changelog
-* Tue Aug 01 2023 Michal Josef Špaček <mspacek@redhat.com> - 2.29-3
-- Resolves: rhbz#2218907 - Fix CVE-2023-31484
-
-* Wed Feb 16 2022 Jitka Plesnikova <jplesnik@redhat.com> - 2.29-2
-- Resolves: rhbz#2037211 - Enable gating
-
-* Mon Feb 07 2022 Jitka Plesnikova <jplesnik@redhat.com> - 2.29-1
-- 2.29 bump; Package tests
-- Resolves: rhbz#2037211
-
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.28-8
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
-
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.28-7
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.28-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
 * Wed Sep 23 2020 Petr Pisar <ppisar@redhat.com> - 2.28-5
 - Run-require complete perl