Diffstat (limited to 'meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch')
-rw-r--r--meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch45
1 files changed, 0 insertions, 45 deletions
diff --git a/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch b/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch
deleted file mode 100644
index e0dcf412bb..0000000000
--- a/meta/recipes-devtools/perl/perl-5.20.0/perl-5.14.3-fix-CVE-2010-4777.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-perl:fix for CVE-2010-4777
-
-Upstream-Status: Backport
-
-The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0,
-5.14.0, and other versions, when running with debugging enabled,
-allows context-dependent attackers to cause a denial of service
-(assertion failure and application exit) via crafted input that
-is not properly handled when using certain regular expressions,
-as demonstrated by causing SpamAssassin and OCSInventory to
-crash.
-
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777
-
-Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
---- a/regcomp.c
-+++ b/regcomp.c
-@@ -11868,8 +11868,25 @@ Perl_save_re_context(pTHX)
-
- if (gvp) {
- GV * const gv = *gvp;
-- if (SvTYPE(gv) == SVt_PVGV && GvSV(gv))
-- save_scalar(gv);
-+ if (SvTYPE(gv) == SVt_PVGV && GvSV(gv)) {
-+ /* this is a copy of save_scalar() without the GETMAGIC call, RT#76538 */
-+ SV ** const sptr = &GvSVn(gv);
-+ SV * osv = *sptr;
-+ SV * nsv = newSV(0);
-+ save_pushptrptr(SvREFCNT_inc_simple(gv),
-+ SvREFCNT_inc(osv), SAVEt_SV);
-+ if (SvTYPE(osv) >= SVt_PVMG && SvMAGIC(osv) &&
-+ SvTYPE(osv) != SVt_PVGV) {
-+ if (SvGMAGICAL(osv)) {
-+ const bool oldtainted = PL_tainted;
-+ SvFLAGS(osv) |= (SvFLAGS(osv) &
-+ (SVp_IOK|SVp_NOK|SVp_POK)) >> PRIVSHIFT;
-+ PL_tainted = oldtainted;
-+ }
-+ mg_localize(osv, nsv, 1);
-+ }
-+ *sptr = nsv;
-+ }
- }
- }
- }