

No commits in common. 'i8c-stream-5.24' and 'c9' have entirely different histories.

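--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/File-Path-2.12.tar.gz
+SOURCES/File-Path-2.18.tar.gz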

@ -1 +1 @@
346a8b06e02b3bf517e23c3d242b3b2d2a7fc5ac SOURCES/File-Path-2.12.tar.gz fac0b391e2c5ae46f35b347a74144635974b7be0 SOURCES/File-Path-2.18.tar.gz

@ -1,165 +0,0 @@
From e9cc25a6109e9191bcbf59a967ed6c60b0156f72 Mon Sep 17 00:00:00 2001
From: John Lightsey <john@nixnuts.net>
Date: Tue, 2 May 2017 12:03:52 -0500
Subject: [PATCH] Prevent directory chmod race attack.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
CVE-2017-6512 is a race condition attack where the chmod() of directories
that cannot be entered is misused to change the permissions on other
files or directories on the system. This has been corrected by limiting
the directory-permission loosening logic to systems where fchmod() is
supported.
Petr Písař: Ported to 2.12.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
lib/File/Path.pm | 39 +++++++++++++++++++++++++--------------
t/Path.t | 40 ++++++++++++++++++++++++++--------------
2 files changed, 51 insertions(+), 28 deletions(-)
diff --git a/lib/File/Path.pm b/lib/File/Path.pm
index 36f12cc..871f43a 100644
--- a/lib/File/Path.pm
+++ b/lib/File/Path.pm
@@ -354,21 +354,32 @@ sub _rmtree {
# see if we can escalate privileges to get in
# (e.g. funny protection mask such as -w- instead of rwx)
- $perm &= oct '7777';
- my $nperm = $perm | oct '700';
- if (
- !(
- $arg->{safe}
- or $nperm == $perm
- or chmod( $nperm, $root )
- )
- )
- {
- _error( $arg,
- "cannot make child directory read-write-exec", $canon );
- next ROOT_DIR;
+ # This uses fchmod to avoid traversing outside of the proper
+ # location (CVE-2017-6512)
+ my $root_fh;
+ if (open($root_fh, '<', $root)) {
+ my ($fh_dev, $fh_inode) = (stat $root_fh )[0,1];
+ $perm &= oct '7777';
+ my $nperm = $perm | oct '700';
+ local $@;
+ if (
+ !(
+ $arg->{safe}
+ or $nperm == $perm
+ or !-d _
+ or $fh_dev ne $ldev
+ or $fh_inode ne $lino
+ or eval { chmod( $nperm, $root_fh ) }
+ )
+ )
+ {
+ _error( $arg,
+ "cannot make child directory read-write-exec", $canon );
+ next ROOT_DIR;
+ }
+ close $root_fh;
}
- elsif ( !chdir($root) ) {
+ if ( !chdir($root) ) {
_error( $arg, "cannot chdir to child", $canon );
next ROOT_DIR;
}
diff --git a/t/Path.t b/t/Path.t
index 5644f57..fffc49c 100755
--- a/t/Path.t
+++ b/t/Path.t
@@ -3,7 +3,7 @@
use strict;
-use Test::More tests => 127;
+use Test::More tests => 126;
use Config;
use Fcntl ':mode';
use lib 't/';
@@ -17,6 +17,13 @@ BEGIN {
my $Is_VMS = $^O eq 'VMS';
+my $fchmod_supported = 0;
+if (open my $fh, curdir()) {
+ my ($perm) = (stat($fh))[2];
+ $perm &= 07777;
+ eval { $fchmod_supported = chmod( $perm, $fh); };
+}
+
# first check for stupid permissions second for full, so we clean up
# behind ourselves
for my $perm (0111,0777) {
@@ -298,16 +305,19 @@ is($created[0], $dir, "created directory (old style 3 mode undef) cross-check");
is(rmtree($dir, 0, undef), 1, "removed directory 3 verbose undef");
-$dir = catdir($tmp_base,'G');
-$dir = VMS::Filespec::unixify($dir) if $Is_VMS;
+SKIP: {
+ skip "fchmod of directories not supported on this platform", 3 unless $fchmod_supported;
+ $dir = catdir($tmp_base,'G');
+ $dir = VMS::Filespec::unixify($dir) if $Is_VMS;
-@created = mkpath($dir, undef, 0200);
+ @created = mkpath($dir, undef, 0400);
-is(scalar(@created), 1, "created write-only dir");
+ is(scalar(@created), 1, "created read-only dir");
-is($created[0], $dir, "created write-only directory cross-check");
+ is($created[0], $dir, "created read-only directory cross-check");
-is(rmtree($dir), 1, "removed write-only dir");
+ is(rmtree($dir), 1, "removed read-only dir");
+}
# borderline new-style heuristics
if (chdir $tmp_base) {
@@ -449,26 +459,28 @@ SKIP: {
}
SKIP : {
- my $skip_count = 19;
+ my $skip_count = 18;
# this test will fail on Windows, as per:
# http://perldoc.perl.org/perlport.html#chmod
skip "Windows chmod test skipped", $skip_count
if $^O eq 'MSWin32';
+ skip "fchmod() on directories is not supported on this platform", $skip_count
+ unless $fchmod_supported;
my $mode;
my $octal_mode;
my @inputs = (
- 0777, 0700, 0070, 0007,
- 0333, 0300, 0030, 0003,
- 0111, 0100, 0010, 0001,
- 0731, 0713, 0317, 0371, 0173, 0137,
- 00 );
+ 0777, 0700, 0470, 0407,
+ 0433, 0400, 0430, 0403,
+ 0111, 0100, 0110, 0101,
+ 0731, 0713, 0317, 0371,
+ 0173, 0137);
my $input;
my $octal_input;
- $dir = catdir($tmp_base, 'chmod_test');
foreach (@inputs) {
$input = $_;
+ $dir = catdir($tmp_base, sprintf("chmod_test%04o", $input));
# We can skip from here because 0 is last in the list.
skip "Mode of 0 means assume user defaults on VMS", 1
if ($input == 0 && $Is_VMS);
--
2.9.4

@ -1,23 +1,17 @@
Name: perl-File-Path Name: perl-File-Path
Version: 2.12 Version: 2.18
Release: 367%{?dist} Release: 4%{?dist}
Summary: Create or remove directory trees Summary: Create or remove directory trees
License: GPL+ or Artistic License: GPL+ or Artistic
Group: Development/Libraries URL: https://metacpan.org/release/File-Path
URL: http://search.cpan.org/dist/File-Path/ Source0: https://cpan.metacpan.org/authors/id/J/JK/JKEENAN/File-Path-%{version}.tar.gz
Source0: http://www.cpan.org/authors/id/R/RI/RICHE/File-Path-%{version}.tar.gz
# Fix CVE-2017-6512 (setting arbitrary mode on an arbitrary file in rmtree()
# and remove_tree()), bug #1457834, CPAN RT#121951, in upstream 2.13
Patch0: File-Path-2.12-Prevent-directory-chmod-race-attack.patch
BuildArch: noarch BuildArch: noarch
BuildRequires: coreutils BuildRequires: coreutils
BuildRequires: findutils
BuildRequires: make BuildRequires: make
BuildRequires: perl
BuildRequires: perl-generators BuildRequires: perl-generators
BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl-interpreter
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76
BuildRequires: perl(strict) BuildRequires: perl(strict)
# ExtUtils::MakeMaker::Coverage not used
# Run-time: # Run-time:
BuildRequires: perl(Carp) BuildRequires: perl(Carp)
BuildRequires: perl(Cwd) BuildRequires: perl(Cwd)
@ -29,11 +23,13 @@ BuildRequires: perl(vars)
# Tests: # Tests:
BuildRequires: perl(base) BuildRequires: perl(base)
BuildRequires: perl(Config) BuildRequires: perl(Config)
BuildRequires: perl(Errno)
BuildRequires: perl(Fcntl) BuildRequires: perl(Fcntl)
BuildRequires: perl(File::Spec::Functions) BuildRequires: perl(File::Spec::Functions)
BuildRequires: perl(lib) BuildRequires: perl(lib)
BuildRequires: perl(SelectSaver) BuildRequires: perl(SelectSaver)
BuildRequires: perl(Test::More) # Test::More version from Test::Simple in META
BuildRequires: perl(Test::More) >= 0.44
BuildRequires: perl(warnings) BuildRequires: perl(warnings)
Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
Requires: perl(Carp) Requires: perl(Carp)
@ -44,15 +40,13 @@ depth and to delete an entire directory subtree from the file system.
%prep %prep
%setup -q -n File-Path-%{version} %setup -q -n File-Path-%{version}
%patch0 -p1
%build %build
perl Makefile.PL INSTALLDIRS=vendor perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1
make %{?_smp_mflags} %{make_build}
%install %install
make pure_install DESTDIR=$RPM_BUILD_ROOT %{make_install}
find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
%{_fixperms} $RPM_BUILD_ROOT/* %{_fixperms} $RPM_BUILD_ROOT/*
%check %check
@ -64,8 +58,69 @@ make test
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Sun Dec 10 2023 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 2.12-367 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.18-4
- Rebuilt for MSVSphere 8.8 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.18-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.18-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Nov 05 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.18-1
- 2.18 bump
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.17-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 20 2020 Petr Pisar <ppisar@redhat.com> - 2.17-1
- 2.17 bump
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 2.16-456
- Increase release to favour standalone package
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.16-440
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.16-439
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 2.16-438
- Increase release to favour standalone package
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.16-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Sep 04 2018 Petr Pisar <ppisar@redhat.com> - 2.16-1
- 2.16 bump
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.15-417
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 2.15-416
- Increase release to favour standalone package
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Jul 31 2017 Petr Pisar <ppisar@redhat.com> - 2.15-1
- 2.15 bump
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Jun 08 2017 Petr Pisar <ppisar@redhat.com> - 2.14-1
- 2.14 bump
* Wed Jun 07 2017 Jitka Plesnikova <jplesnik@redhat.com> - 2.13-2
- Perl 5.26 re-rebuild of bootstrapped packages
* Mon Jun 05 2017 Petr Pisar <ppisar@redhat.com> - 2.13-1
- 2.13 bump
* Sat Jun 03 2017 Jitka Plesnikova <jplesnik@redhat.com> - 2.12-393
- Perl 5.26 rebuild
* Thu Jun 01 2017 Petr Pisar <ppisar@redhat.com> - 2.12-367 * Thu Jun 01 2017 Petr Pisar <ppisar@redhat.com> - 2.12-367
- Fix CVE-2017-6512 (setting arbitrary mode on an arbitrary file in rmtree() - Fix CVE-2017-6512 (setting arbitrary mode on an arbitrary file in rmtree()
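Review bot: The new Source0 on the right-hand side of the `URL:`/`Source0:` lines moves the upstream tarball from author path `R/RI/RICHE` to `J/JK/JKEENAN`, and the only integrity anchor for that tarball is the lookaside SHA-1 shown near the top of this page, so nothing in the spec tells a reader that the change of uploader was checked. A change of release uploader is exactly the event a supply-chain review should record: presumably JKEENAN is the current File::Path maintainer, but that should be confirmed against the module's permissions on metacpan and the tarball compared with the CPAN `CHECKSUMS` file before the lookaside hash is trusted. I would add one comment above Source0: `# Upstream releases are now uploaded by JKEENAN (was RICHE); verify new tarballs against CPAN CHECKSUMS before updating the lookaside hash`. Dropping Patch0 itself looks correct, since the removed comment states the CVE-2017-6512 fix landed upstream in 2.13 and the new Version is 2.18.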
