--- libauthen-captcha-perl-1.023.orig/debian/rules +++ libauthen-captcha-perl-1.023/debian/rules @@ -0,0 +1,64 @@ +#!/usr/bin/make -f + +# Using quilt for patches +include /usr/share/quilt/quilt.make + +# If set to a true value then MakeMaker's prompt function will +# always return the default without waiting for user input. +export PERL_MM_USE_DEFAULT=1 + +PACKAGE=$(shell dh_listpackages) + +ifndef PERL +PERL = /usr/bin/perl +endif + +TMP =$(CURDIR)/debian/$(PACKAGE) + +build: patch build-stamp +build-stamp: + dh_testdir + $(PERL) Makefile.PL INSTALLDIRS=vendor + $(MAKE) + $(MAKE) test + touch build-stamp + +clean: unpatch + dh_testdir + dh_testroot + dh_clean build-stamp install-stamp + [ ! -f Makefile ] || $(MAKE) realclean + rm -rf t/captcha_temp + +install: install-stamp +install-stamp: build-stamp + dh_testdir + dh_testroot + dh_clean -k + $(MAKE) install DESTDIR=$(TMP) PREFIX=/usr + [ ! -d $(TMP)/usr/lib/perl5 ] || rmdir --ignore-fail-on-non-empty --parents --verbose $(TMP)/usr/lib/perl5 + rm -f $(TMP)/usr/share/perl5/Authen/Captcha/images/Thumbs.db + touch install-stamp + +binary-arch: +# We have nothing to do by default. + +binary-indep: build install + dh_testdir + dh_testroot + dh_installdocs README + dh_installchangelogs Changes + dh_installexamples examples/* + dh_perl + dh_compress + dh_fixperms + dh_installdeb + dh_gencontrol + dh_md5sums + dh_builddeb + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary --- libauthen-captcha-perl-1.023.orig/debian/patches/series +++ libauthen-captcha-perl-1.023/debian/patches/series @@ -0,0 +1 @@ +fix409731_not-taint-safe.patch --- libauthen-captcha-perl-1.023.orig/debian/patches/fix409731_not-taint-safe.patch +++ libauthen-captcha-perl-1.023/debian/patches/fix409731_not-taint-safe.patch @@ -0,0 +1,31 @@ +Index: libauthen-captcha-perl/Captcha.pm +=================================================================== +--- libauthen-captcha-perl.orig/Captcha.pm 2007-11-20 14:57:48.219068831 -0400 ++++ libauthen-captcha-perl/Captcha.pm 2007-11-20 15:00:29.961048461 -0400 +@@ -232,7 +232,11 @@ + foreach my $line (@data) + { + $line =~ s/\n//; +- my ($data_time,$data_code) = split(/::/,$line); ++ # Fixes Debian Bug #409731 ++ # Extract untainted time and code ++ # Patch provided by Chris Dunlop ++ # applied by Ernesto Hernández-Novich ++ my ($data_time,$data_code) = $line =~ m/(^\d+)::([[:xdigit:]]{32})$/; + + my $png_file = File::Spec->catfile($self->output_folder(),$data_code . ".png"); + if ($data_code eq $crypt) +@@ -351,7 +355,12 @@ + foreach my $line (@data) + { + $line =~ s/\n//; +- my ($data_time,$data_code) = split(/::/,$line); ++ # Fixes Debian Bug #409731 ++ # Extract untainted time and code ++ # Patch provided by Chris Dunlop ++ # applied by Ernesto Hernández-Novich ++ my ($data_time,$data_code) = $line =~ m/(^\d+)::([[:xdigit:]]{32})$/; ++ + if ( (($current_time - $data_time) > ($self->expire())) || + ($data_code eq $md5) ) + { # remove expired captcha, or a dup --- libauthen-captcha-perl-1.023.orig/debian/watch +++ libauthen-captcha-perl-1.023/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://www.cpan.org/modules/by-module/Authen/Authen-Captcha-([\d\.]+)\.(?:tar\.gz|tar|tgz) --- libauthen-captcha-perl-1.023.orig/debian/compat +++ libauthen-captcha-perl-1.023/debian/compat @@ -0,0 +1 @@ +6 --- libauthen-captcha-perl-1.023.orig/debian/copyright +++ libauthen-captcha-perl-1.023/debian/copyright @@ -0,0 +1,31 @@ +This package was debianized by Ernesto Hernández-Novich +on Fri, 02 Dec 2005 14:51:49 -0400 + +It was downloaded from: http://search.cpan.org/dist/Authen-Captcha/ + +Upstream Authors: + +Seth T. Jackson, +Josh I. Miller, + +First Productions, Inc. created the cgi-script distributed under the GPL +which was used as the basis for this module. Much work has gone into +making this more robust, and suitable for other applications, but much +of the original code remains. + +Copyright: + +Copyright 2003, First Productions, Inc. (FIRSTPRODUCTIONS HUMAN TEST 1.0) +Copyright 2003 by Seth Jackson + +This library is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2 of the License, or (at your +option) any later version. + +This program is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +for more details. + +The GPL license can be found in /usr/share/common-licenses/GPL --- libauthen-captcha-perl-1.023.orig/debian/changelog +++ libauthen-captcha-perl-1.023/debian/changelog @@ -0,0 +1,65 @@ +libauthen-captcha-perl (1.023-5) unstable; urgency=low + + [ gregor herrmann ] + * debian/rules: delete /usr/lib/perl5 only if it exists (Closes: #467665). + + [ Ernesto Hernández-Novich (USB) ] + * Upgraded to debhelper 6 + * Updated to Standards-Version 3.7.3 + + -- Ernesto Hernández-Novich (USB) Wed, 27 Feb 2008 08:04:09 -0430 + +libauthen-captcha-perl (1.023-4) unstable; urgency=low + + * Really add README.Debian-source + + -- Damyan Ivanov Wed, 28 Nov 2007 18:21:46 +0200 + +libauthen-captcha-perl (1.023-3) unstable; urgency=low + + [ Ernesto Hernández-Novich (USB) ] + * Updated Standards-Version to 3.7.2. + * Moved package into Debian Pkg Perl Project SVN. + * Fixed copyright file with a better URL. + * Cleanup debian/rules. + * Fixed watch file. + + [ Rene Mayorga ] + * Remove debian/docs, is not needed, Changes and README are installed + as line option at debian/rules + * Install examples with dh_installexamples + * Fix Upstream URLs at debian/control and debian/copyright + * Remove Thumbs.db to keeps lintian happy + W: libauthen-captcha-perl: windows-thumbnail-database-in-package + usr/share/perl5/Authen/Captcha/images/Thumbs.db + + [ Ernesto Hernández-Novich (USB) ] + * Applied patch by Chris Dunlop + Closes: #409731 -- libauthen-captcha-perl: not taint safe + * Changed debian/rules to use quilt for patch management until + upstream catches up. + + [ Damyan Ivanov ] + * Remove t/captcha_temp, leftover after distclean + * Convert debian/copyright to UTF-8 + * Add README.Debian-source explaining repackaging + * Use debhelper 5 + + [ Ernesto Hernández-Novich (USB) ] + * Fixed Maintainer field in control file. + + -- Ernesto Hernández-Novich (USB) Fri, 23 Nov 2007 09:46:51 -0400 + +libauthen-captcha-perl (1.023-2) unstable; urgency=low + + * Fixed typo in long description (closes: #344694) + * Removed dependencies on libgd1 (closes: #369111) + + -- Ernesto Hernández-Novich Sat, 27 May 2006 22:00:26 -0400 + +libauthen-captcha-perl (1.023-1) unstable; urgency=low + + * Initial Release. + + -- Ernesto Hernández-Novich Thu, 1 Dec 2005 17:22:34 -0400 + --- libauthen-captcha-perl-1.023.orig/debian/README.Debian-source +++ libauthen-captcha-perl-1.023/debian/README.Debian-source @@ -0,0 +1,2 @@ +The only difference between the source released upstream and the .orig.tar.gz +used by Debian source package is the ommission of CVS directories --- libauthen-captcha-perl-1.023.orig/debian/control +++ libauthen-captcha-perl-1.023/debian/control @@ -0,0 +1,29 @@ +Source: libauthen-captcha-perl +Section: perl +Priority: extra +Build-Depends: debhelper (>= 6), quilt +Build-Depends-Indep: perl (>= 5.6.0), libgd-gd2-noxpm-perl | libgd-gd2-perl +Maintainer: Debian Perl Group +Uploaders: Ernesto Hernández-Novich (USB) , + Damyan Ivanov +Homepage: http://search.cpan.org/dist/Authen-Captcha/ +Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/libauthen-captcha-perl/ +Vcs-Browser: http://svn.debian.org/wsvn/pkg-perl/trunk/libauthen-captcha-perl/ +Standards-Version: 3.7.3 + +Package: libauthen-captcha-perl +Architecture: all +Depends: ${perl:Depends}, libgd-gd2-noxpm-perl | libgd-gd2-perl +Description: Extension for creating captcha's to verify the human element in transactions + Authen::Captcha provides an object oriented interface to captcha file + creations. Captcha stands for Completely Automated Public Turing test to + tell Computers and Humans Apart. A Captcha is a program that can generate + and grade tests that: + . + - Most humans can pass. + - Current computer programs can't pass. + . + The most common form is an image file containing distorted text, which + humans are adept at reading, and computers (generally) do a poor job. + This module currently implements that method. We plan to add other methods, + such as distorted sound files, and plain text riddles.