Update Digest-SHA to CPAN version 5.81

  [DELTA]

  5.81  Mon Jan 14 05:17:08 MST 2013
        - corrected load subroutine (SHA.pm) to prevent double-free
              -- Bug #82655: Security issue - segfault
              -- thanks to Victor Efimov and Nicholas Clark
                 for technical expertise and suggestions

diff --git a/Porting/Maintainers.pl b/Porting/Maintainers.pl
index 8287f66..bca6395 100755 (executable)
--- a/Porting/Maintainers.pl
+++ b/Porting/Maintainers.pl
@@ -594,7 +594,7 @@ use File::Glob qw(:case);
 
     'Digest::SHA' => {
         'MAINTAINER'   => 'mshelor',
-        'DISTRIBUTION' => 'MSHELOR/Digest-SHA-5.80.tar.gz',
+        'DISTRIBUTION' => 'MSHELOR/Digest-SHA-5.81.tar.gz',
         'FILES'        => q[cpan/Digest-SHA],
         'EXCLUDED'     => [
             qw( t/pod.t

diff --git a/cpan/Digest-SHA/Changes b/cpan/Digest-SHA/Changes
index 97cb0fa..59fb090 100644 (file)
--- a/cpan/Digest-SHA/Changes
+++ b/cpan/Digest-SHA/Changes
@@ -1,5 +1,11 @@
 Revision history for Perl extension Digest::SHA.
 
+5.81  Mon Jan 14 05:17:08 MST 2013
+       - corrected load subroutine (SHA.pm) to prevent double-free
+               -- Bug #82655: Security issue - segfault
+               -- thanks to Victor Efimov and Nicholas Clark
+                       for technical expertise and suggestions
+
 5.80  Mon Dec 10 14:15:26 MST 2012
        - obtained noticeable speedup on Intel/gcc
                -- by setting -O1 and -fomit-frame-pointer

diff --git a/cpan/Digest-SHA/README b/cpan/Digest-SHA/README
index c6592c8..8e0dca1 100644 (file)
--- a/cpan/Digest-SHA/README
+++ b/cpan/Digest-SHA/README
@@ -1,4 +1,4 @@
-Digest::SHA version 5.80
+Digest::SHA version 5.81
 ========================
 
 Digest::SHA is a complete implementation of the NIST Secure Hash

diff --git a/cpan/Digest-SHA/lib/Digest/SHA.pm b/cpan/Digest-SHA/lib/Digest/SHA.pm
index 40934b6..24fbc8b 100644 (file)
--- a/cpan/Digest-SHA/lib/Digest/SHA.pm
+++ b/cpan/Digest-SHA/lib/Digest/SHA.pm
@@ -7,7 +7,7 @@ use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);
 use Fcntl;
 use integer;
 
-$VERSION = '5.80';
+$VERSION = '5.81';
 
 require Exporter;
 require DynaLoader;
@@ -50,7 +50,7 @@ sub new {
                        return($class);
                }
                shaclose($$class) if $$class;
-               $$class = shaopen($alg) || return;
+               return unless $$class = shaopen($alg);
                return($class);
        }
        $alg = 1 unless defined $alg;
@@ -163,18 +163,21 @@ sub Addfile {
 
 sub dump {
        my $self = shift;
-       my $file = shift || "";
+       my $file = shift;
 
+       $file = "" unless defined $file;
        shadump($file, $$self) || return;
        return($self);
 }
 
 sub load {
        my $class = shift;
-       my $file = shift || "";
+       my $file = shift;
+
+       $file = "" unless defined $file;
        if (ref($class)) {      # instance method
                shaclose($$class) if $$class;
-               $$class = shaload($file) || return;
+               return unless $$class = shaload($file);
                return($class);
        }
        my $state = shaload($file) || return;

diff --git a/cpan/Digest-SHA/shasum b/cpan/Digest-SHA/shasum
index 12a27db..c8a67b1 100644 (file)
--- a/cpan/Digest-SHA/shasum
+++ b/cpan/Digest-SHA/shasum
@@ -4,8 +4,8 @@
        ##
        ## Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
        ##
-       ## Version: 5.80
-       ## Mon Dec 10 14:15:26 MST 2012
+       ## Version: 5.81
+       ## Mon Jan 14 05:17:08 MST 2013
 
        ## shasum SYNOPSIS adapted from GNU Coreutils sha1sum.
        ## Add an "-a" option for algorithm selection, a "-p"
@@ -97,7 +97,7 @@ use strict;
 use Fcntl;
 use Getopt::Long;
 
-my $VERSION = "5.80";
+my $VERSION = "5.81";
 
 
        ## Try to use Digest::SHA.  If not installed, use the slower

diff --git a/cpan/Digest-SHA/src/hmac.c b/cpan/Digest-SHA/src/hmac.c
index 97e7894..b9a7809 100644 (file)
--- a/cpan/Digest-SHA/src/hmac.c
+++ b/cpan/Digest-SHA/src/hmac.c
@@ -5,8 +5,8 @@
  *
  * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
  *
- * Version: 5.80
- * Mon Dec 10 14:15:26 MST 2012
+ * Version: 5.81
+ * Mon Jan 14 05:17:08 MST 2013
  *
  */
 

diff --git a/cpan/Digest-SHA/src/hmac.h b/cpan/Digest-SHA/src/hmac.h
index bb81a33..d10b9e8 100644 (file)
--- a/cpan/Digest-SHA/src/hmac.h
+++ b/cpan/Digest-SHA/src/hmac.h
@@ -5,8 +5,8 @@
  *
  * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
  *
- * Version: 5.80
- * Mon Dec 10 14:15:26 MST 2012
+ * Version: 5.81
+ * Mon Jan 14 05:17:08 MST 2013
  *
  */
 

diff --git a/cpan/Digest-SHA/src/sha.c b/cpan/Digest-SHA/src/sha.c
index d6b24c2..7bd6f1b 100644 (file)
--- a/cpan/Digest-SHA/src/sha.c
+++ b/cpan/Digest-SHA/src/sha.c
@@ -5,8 +5,8 @@
  *
  * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
  *
- * Version: 5.80
- * Mon Dec 10 14:15:26 MST 2012
+ * Version: 5.81
+ * Mon Jan 14 05:17:08 MST 2013
  *
  */
 
@@ -272,7 +272,7 @@ void sharewind(SHA *s)
 /* shaopen: creates a new digest object */
 SHA *shaopen(int alg)
 {
-       SHA *s;
+       SHA *s = NULL;
 
        if (alg != SHA1 && alg != SHA224 && alg != SHA256 &&
                alg != SHA384    && alg != SHA512 &&

diff --git a/cpan/Digest-SHA/src/sha.h b/cpan/Digest-SHA/src/sha.h
index 3355086..6534b76 100644 (file)
--- a/cpan/Digest-SHA/src/sha.h
+++ b/cpan/Digest-SHA/src/sha.h
@@ -5,8 +5,8 @@
  *
  * Copyright (C) 2003-2012 Mark Shelor, All Rights Reserved
  *
- * Version: 5.80
- * Mon Dec 10 14:15:26 MST 2012
+ * Version: 5.81
+ * Mon Jan 14 05:17:08 MST 2013
  *
  */