| From a22785783b17cbaa28afaee4a024d81a1903701d |
| From: Stig Palmquist <git@stig.io> |
| Date: Sun Jun 18 11:36:05 2023 +0200 |
| Subject: [PATCH] Fix incorrect env var name for verify_SSL default |
| |
| The variable to override the verify_SSL default differed slightly in the |
| documentation from what was checked for in the code. |
| |
| This commit makes the code use `PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT` |
| as documented, instead of `PERL_HTTP_TINY_INSECURE_BY_DEFAULT` which was |
| missing `SSL_` |
| |
| CVE: CVE-2023-31486 |
| |
| Upstream-Status: Backport [https://github.com/chansen/p5-http-tiny/commit/a22785783b17cbaa28afaee4a024d81a1903701d] |
| |
| Signed-off-by: Soumya <soumya.sambu@windriver.com> |
| --- |
| cpan/HTTP-Tiny/lib/HTTP/Tiny.pm | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| diff --git a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm |
| index ebc34a1..65ac8ff 100644 |
| --- a/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm |
| +++ b/cpan/HTTP-Tiny/lib/HTTP/Tiny.pm |
| @@ -148,7 +148,7 @@ sub _verify_SSL_default { |
| my ($self) = @_; |
| # Check if insecure default certificate verification behaviour has been |
| # changed by the user by setting PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT=1 |
| - return (($ENV{PERL_HTTP_TINY_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1; |
| + return (($ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT} || '') eq '1') ? 0 : 1; |
| } |
| |
| sub _set_proxies { |
| -- |
| 2.40.0 |