Update File-Fetch to CPAN version 1.00

[DELTA] 1.00 Wed Nov 11 12:49:58 2020 * Fixed the mitigations for CVE-2016-1238 * Mentioned https support in CHANGES file
Perl · Nov 14, 2020 · 4c032c4 · 4c032c4
1 parent 7fc0439
commit 4c032c4
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/Porting/Maintainers.pl b/Porting/Maintainers.pl
@@ -508,7 +508,7 @@ package Maintainers;
     },
 
     'File::Fetch' => {
-        'DISTRIBUTION' => 'BINGOS/File-Fetch-0.56.tar.gz',
+        'DISTRIBUTION' => 'BINGOS/File-Fetch-1.00.tar.gz',
         'FILES'        => q[cpan/File-Fetch],
     },
 

diff --git a/cpan/File-Fetch/lib/File/Fetch.pm b/cpan/File-Fetch/lib/File/Fetch.pm
@@ -22,7 +22,7 @@ use vars    qw[ $VERBOSE $PREFER_BIN $FROM_EMAIL $USER_AGENT
                 $FTP_PASSIVE $TIMEOUT $DEBUG $WARN $FORCEIPV4
             ];
 
-$VERSION        = '0.56';
+$VERSION        = '1.00';
 $VERSION        = eval $VERSION;    # avoid warnings with development releases
 $PREFER_BIN     = 0;                # XXX TODO implement
 $FROM_EMAIL     = 'File-Fetch@example.com';
@@ -52,9 +52,6 @@ local $Params::Check::VERBOSE               = 1;
 local $Module::Load::Conditional::VERBOSE   = 0;
 local $Module::Load::Conditional::VERBOSE   = 0;
 
-### Fix CVE-2016-1238 ###
-local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
-
 ### see what OS we are on, important for file:// uris ###
 use constant ON_WIN     => ($^O eq 'MSWin32');
 use constant ON_VMS     => ($^O eq 'VMS');
@@ -576,6 +573,8 @@ sub _lwp_fetch {
         $use_list->{'LWP::Protocol::https'} = '0';
     }
 
+    ### Fix CVE-2016-1238 ###
+    local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
     unless( can_load( modules => $use_list ) ) {
         $METHOD_FAIL->{'lwp'} = 1;
         return;
@@ -633,6 +632,8 @@ sub _httptiny_fetch {
 
     };
 
+    ### Fix CVE-2016-1238 ###
+    local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
     unless( can_load(modules => $use_list) ) {
         $METHOD_FAIL->{'httptiny'} = 1;
         return;
@@ -672,6 +673,8 @@ sub _httplite_fetch {
         'MIME::Base64'  => '0',
     };
 
+    ### Fix CVE-2016-1238 ###
+    local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
     unless( can_load(modules => $use_list) ) {
         $METHOD_FAIL->{'httplite'} = 1;
         return;
@@ -752,6 +755,8 @@ sub _iosock_fetch {
         'IO::Select'       => '0.0',
     };
 
+    ### Fix CVE-2016-1238 ###
+    local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
     unless( can_load(modules => $use_list) ) {
         $METHOD_FAIL->{'iosock'} = 1;
         return;
@@ -835,6 +840,8 @@ sub _netftp_fetch {
     ### required modules ###
     my $use_list = { 'Net::FTP' => 0 };
 
+    ### Fix CVE-2016-1238 ###
+    local $Module::Load::Conditional::FORCE_SAFE_INC = 1;
     unless( can_load( modules => $use_list ) ) {
         $METHOD_FAIL->{'netftp'} = 1;
         return;