
include security bugfix for Safe.pm

Ralf S. Engelschall 23 years ago
parent
commit
282c940ab3
2 changed files with 29 additions and 1 deletions
  1. 26 0
      perl/perl.patch
  2. 3 1
      perl/perl.spec

+ 26 - 0
perl/perl.patch

@@ -0,0 +1,26 @@
+"A security hole has been discovered in Safe.pm. When a Safe compartment
+has already been used, there's no guarantee that it's safe any longer,
+because there's a way for code executed within the Safe compartment to
+alter its operation mask. (Thus, programs that use a Safe compartment
+only once aren't affected by this bug.)"
+
+--- ext/Opcode/Safe.pm.orig
++++ ext/Opcode/Safe.pm
+@@ -213,7 +213,7 @@
+     # Create anon sub ref in root of compartment.
+     # Uses a closure (on $expr) to pass in the code to be executed.
+     # (eval on one line to keep line numbers as expected by caller)
+-	my $evalcode = sprintf('package %s; sub { eval $expr; }', $root);
++	my $evalcode = sprintf('package %s; sub { @_ = (); eval $expr; }', $root);
+     my $evalsub;
+ 
+ 	if ($strict) { use strict; $evalsub = eval $evalcode; }
+@@ -227,7 +227,7 @@
+     my $root = $obj->{Root};
+ 
+     my $evalsub = eval
+-	    sprintf('package %s; sub { do $file }', $root);
++	    sprintf('package %s; sub { @_ = (); do $file }', $root);
+     return Opcode::_safe_call_sv($root, $obj->{Mask}, $evalsub);
+ }
+ 
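Review bot: The vendored perl.patch opens with a quoted upstream description but records no provenance — which advisory or upstream change it was taken from, nor the Safe.pm version the hunks were cut against — so on the next perl upgrade nothing tells the packager whether the fix is already in the tarball or whether the two hunks still apply. A one-line header above the quotation would fix that, e.g. `# Source: <upstream advisory / change reference - TODO fill in>; applies to the Safe.pm shipped with perl 5.8.0`. The change itself is consistent at both call sites, clearing `@_` before `eval $expr` and before `do $file`; the description names the symptom (the compartment's operation mask can be altered) but not the mechanism, which presumably is that compartment code could reach the caller's arguments aliased through `@_`, so the header should state that too if it can be confirmed.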

+ 3 - 1
perl/perl.spec

@@ -33,11 +33,12 @@ Distribution: OpenPKG [CORE]
 Group:        Language
 License:      GPL/Artistic
 Version:      5.8.0
-Release:      20021129
+Release:      20021216
 
 #   list of sources
 Source0:      ftp://ftp.cpan.org/pub/CPAN/src/%{name}-%{version}.tar.gz
 Source1:      perl-openpkg.sh
+Patch0:       perl.patch
 
 #   build information
 Prefix:       %{l_prefix}
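Review bot: `Patch0:       perl.patch` is added without any comment saying what it fixes, although the surrounding preamble annotates every section (`#   list of sources`, `#   build information`); a maintainer deciding whether the patch can be dropped on the next upgrade has to open the patch file to find out. Suggest a comment line directly above it, `#   security bugfix for Safe.pm (see perl.patch)`. In the %prep hunk below, `%patch -p0` relies on the implicit Patch0 default; `%patch0 -p0` keeps the tag-to-application mapping explicit once further patches are added.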
@@ -55,6 +56,7 @@ AutoReqProv:  no
 
 %prep
     %setup -q
+    %patch -p0
     chmod -R u+w .
 
 %build