perl-Module-Signature-0.81-bp153.1.12 RPM for noarch

From OpenSuSE Leap 15.3 for noarch

*Module::Signature* adds cryptographic authentications to CPAN
distributions, via the special _SIGNATURE_ file.

If you are a module user, all you have to do is to remember to run
'cpansign -v' (or just 'cpansign') before issuing 'perl Makefile.PL' or
'perl Build.PL'; that will ensure the distribution has not been tampered
with.

Module authors can easily add the _SIGNATURE_ file to the distribution
tarball; see NOTES below for how to do it as part of 'make dist'.

If you _really_ want to sign a distribution manually, simply add
'SIGNATURE' to _MANIFEST_, then type 'cpansign -s' immediately before 'make
dist'. Be sure to delete the _SIGNATURE_ file afterwards.

Please also see NOTES about _MANIFEST.SKIP_ issues, especially if you are
using *Module::Build* or writing your own _MANIFEST.SKIP_.

Provides

• perl-Module-Signature
• perl(Module::Signature)

Requires

• /usr/bin/perl
• gpg
• perl(:MODULE_COMPAT_5.26.1)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsXz) <= 5.2-1

License

CC0-1.0 and (GPL-1.0+ or Artistic-1.0)

Changelog

* Tue Oct 03 2017 coolo@suse.com
  - patch the Makefile to build with perl 5.26
* Tue Sep 06 2016 coolo@suse.com
  - updated to 0.81
    see /usr/share/doc/packages/perl-Module-Signature/Changes
* Sun Jun 12 2016 coolo@suse.com
  - updated to 0.80
    see /usr/share/doc/packages/perl-Module-Signature/Changes
* Fri Jan 08 2016 chris@computersalat.de
  - update changelog
    * add missing CVE tags for 0.78 changes (boo#928382)
* Tue May 19 2015 coolo@suse.com
  - updated to 0.79
    see /usr/share/doc/packages/perl-Module-Signature/Changes
    [Changes for 0.79 - Mon May 18 23:02:11 CST 2015]
    * Restore "cpansign --skip" functionality.
      Contributed by: CLOOS
* Fri Apr 17 2015 coolo@suse.com
  - updated to 0.78
    see /usr/share/doc/packages/perl-Module-Signature/Changes
    [Changes for 0.78 - Thu Apr  9 16:58:27 CST 2015]
    * Fix verify() use from cpanm and CPAN.pm.
      Contributed by: ANDK
    [Changes for 0.77 - Wed Apr  8 19:36:50 CST 2015]
    * Include the latest public keys of PAUSE, ANDK and AUDREYT.
    * Clarify scripts/cpansign copyright to CC0.
      Reported by: @pghmcfc
    [Changes for 0.76 - Wed Apr  8 18:05:48 CST 2015]
    * Fix signature tests by defaulting to verify(skip=>1)
      when $ENV{TEST_SIGNATURE} is true.
      Reported by: @pghmcfc
    [Changes for 0.75 - Tue Apr  7 04:56:09 CST 2015]
    Two more issues reported by John Lightsey:
    * Update ChangeLog.
    * More protection of @INC from relative paths. (CVE-2015-3409)
    Fix various issues reported by John Lightsey:
    [Changes for 0.74 - Tue Apr  7 02:39:14 CST 2015]
    Fix various issues reported by John Lightsey:
    * Fix GPG signature parsing logic. (CVE-2015-3406)
    * MANIFEST.SKIP is no longer consulted unless --skip is given. (CVE-2015-3407)
    * Properly use open() modes to avoid injection attacks. (CVE-2015-3408)
* Sun Aug 04 2013 coolo@suse.com
  - fix souce url
* Wed Jul 03 2013 chris@computersalat.de
  - update to 0.73
    * fix for bnc#828010 (CVE-2013-2145)
      https://bugzilla.novell.com/process_bug.cgi
      https://bugzilla.redhat.com/show_bug.cgi?id=971096
    * Properly redo the previous fix using File::Spec->file_name_is_absolute.
  - [Changes for 0.72 - Wed Jun  5 23:19:02 CST 2013]
    * Only allow loading Digest::* from absolute paths in @INC,
      by ensuring they begin with \ or / characters.
      Contributed by: Florian Weimer (CVE-2013-2145)
  - [Changes for 0.71 - Tue Jun  4 18:24:10 CST 2013]
    * Constrain the user-specified digest name to /^\w+\d+$/.
    * Avoid loading Digest::* from relative paths in @INC.
      Contributed by: Florian Weimer (CVE-2013-2145)
  - [Changes for 0.70 - Thu Nov 29 01:45:54 CST 2012]
    * Don't check gpg version if gpg does not exist.
      This avoids unnecessary warnings during installation
      when gpg executable is not installed.
      Contributed by: Kenichi Ishigaki
  - [Changes for 0.69 - Fri Nov  2 23:04:19 CST 2012]
    * Support for gpg under these alternate names:
      gpg gpg2 gnupg gnupg2
      Contributed by: Michael Schwern
* Mon Dec 19 2011 cfarrell@suse.com
  - license update: CC0-1.0 and (GPL-1.0+ or Artistic-1.0)
    License purports to be CC zero, not CC-BY. Also, see the script/cpansign
    and Module/Signature (line 88+) files for Perl licenses
* Thu Dec 15 2011 coolo@suse.com
  - regenerate with cpanspec to fix requires/buildrequires

Files

/usr/bin/cpansign
/usr/lib/perl5/vendor_perl/5.26.1/Module
/usr/lib/perl5/vendor_perl/5.26.1/Module/Signature.pm
/usr/lib/perl5/vendor_perl/5.26.1/x86_64-linux-thread-multi
/usr/share/doc/packages/perl-Module-Signature
/usr/share/doc/packages/perl-Module-Signature/ANDK2015.pub
/usr/share/doc/packages/perl-Module-Signature/AUDREYT2015.pub
/usr/share/doc/packages/perl-Module-Signature/AUTHORS
/usr/share/doc/packages/perl-Module-Signature/Changes
/usr/share/doc/packages/perl-Module-Signature/PAUSE2017.pub
/usr/share/doc/packages/perl-Module-Signature/README
/usr/share/man/man1/cpansign.1.gz
/usr/share/man/man3/Module::Signature.3pm.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 13:49:26 2024