From c8d880840d74ce22ba19ae95af65da1dfc49d672 Mon Sep 17 00:00:00 2001
From: dongyuzhen
Date: Mon, 15 May 2023 16:20:21 +0800
Subject: [PATCH] fix CVE-2023-31484
---
 backport-CVE-2023-31484.patch | 25 +++++++++++++++++++++++++
 perl.spec | 6 +++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2023-31484.patch
diff --git a/backport-CVE-2023-31484.patch b/backport-CVE-2023-31484.patch
new file mode 100644
index 0000000..2860101
--- /dev/null
+++ b/backport-CVE-2023-31484.patch
@@ -0,0 +1,25 @@
+From 9c98370287f4e709924aee7c58ef21c85289a7f0 Mon Sep 17 00:00:00 2001
+From: Stig Palmquist
+Date: Tue, 28 Feb 2023 11:54:06 +0100
+Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server
+ identity
+
+---
+ cpan/CPAN/lib/CPAN/HTTP/Client.pm | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+index 4fc792c..a616fee 100644
+--- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm
++++ b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+@@ -32,6 +32,7 @@ sub mirror {
+
+ my $want_proxy = $self->_want_proxy($uri);
+ my $http = HTTP::Tiny->new(
++ verify_SSL => 1,
+ $want_proxy ? (proxy => $self->{proxy}) : ()
+ );
+
+--
+2.33.0
+
diff --git a/perl.spec b/perl.spec
index 6c29fe5..e192e02 100644
--- a/perl.spec
+++ b/perl.spec
@@ -18,7 +18,7 @@ Name: perl
 License: (GPL+ or Artistic) and (GPLv2+ or Artistic) and MIT and UCD and Public Domain and BSD
 Epoch: 4
 Version: 5.28.3
-Release: 6
+Release: 7
 Summary: A highly capable, feature-rich programming language
 Url: https://www.perl.org/
 Source0: https://www.cpan.org/src/5.0/%{name}-%{version}.tar.xz
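Review bot: In the embedded `cpan/CPAN/lib/CPAN/HTTP/Client.pm` hunk of `backport-CVE-2023-31484.patch`, the added `verify_SSL => 1` only takes effect for https:// URIs, so a mirror configured with a plain http:// URL is still fetched by `mirror` with no server authentication, and nothing in the change documents that limit. With verification on, HTTP::Tiny must also be able to locate a CA bundle (for example through `SSL_CERT_FILE` or a system CA file). The visible `perl.spec` hunks add no runtime dependency that would guarantee one, so https mirrors may begin to fail on minimal installs; this should be confirmed against the package's Requires, which are not visible here. I would add a comment above the new line, such as `# verify_SSL: check the https server certificate and hostname (CVE-2023-31484); http:// mirrors remain unauthenticated`. The body of `mirror` starts and ends outside the embedded hunk, so any other place where it builds or reuses an HTTP client is not visible here.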
@@ -55,6 +55,7 @@ Patch25: perl-132683-don-t-try-to-convert-PL_sv_placeholder-i.patch # In 2020, a year of 70 starts to mean 2070. So cpan/Time-Local/t/Local.t test Patch27: Fix-time-local-tests-in-2020.patch Patch28: backport-perl-5.22.0-Install-libperl.so-to-shrpdir-on-Linux.patch +Patch29: backport-CVE-2023-31484.patch BuildRequires: gcc bash findutils coreutils make tar procps bzip2-devel gdbm-devel BuildRequires: zlib-devel systemtap-sdt-devel perl-interpreter perl-generators gdb @@ -499,6 +500,9 @@ make test_harness %{_mandir}/man3/* %changelog +* Mon May 15 2023 dongyuzhen - 4:5.28.3-7 +- fix CVE-2023-31484 + * Thu Aug 5 2021 yuanxin - 4:5.28.3-6 - Type:bugfix - ID:NA -- Gitee