If a Perl script in a package contained a string declared as a here-document that included the "use" or "require" words, or a multiline string with these words, the package in some cases had incorrect dependencies when it was created using the "rpmbuild" command. Now, the "use" and "require" strings are ignored as keywords in here-documents and multiline strings, which prevents the problem from occurring.
Description of problem:
/usr/lib/rpm/perl.req returns wrong set of required modules for rpm-build spec files, since it has a parsing bug when a comment in perl module starts with "use something etc" (perl.req returns depencency on perl(something).
Version-Release number of selected component (if applicable):
- the bug is reproducable with certain version of some SpamAssassin module, which was later fixed to prevent such bugs with rpm-builds perl.req scripts
Steps to Reproduce:
1. curl -o /tmp/DependencyInfo.pm "http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Util/DependencyInfo.pm?revision=1531991&view=co"
2. /usr/lib/rpm/perl.req /tmp/DependencyInfo.pm
The script is parsing also through comments section of perl module, so it wrongly parses out comments starting with "use XXXX asdfasd" in the beginning of the line.
Moving to rpm component as the rpm-build package is a subpackage of rpm.
This looks like a dup of 1026750. Can someone else confirm and mark it as such?
Patch available upstream.
(In reply to Florian Festi from comment #4)
> Patch available upstream.
That's great news. Do you have a link to the patch?
could you please tell me how is this different from the bug 1026750? I can see that patches are different, the description seems similar though.
(In reply to Karel Srot from comment #7)
> Hi Florian,
> could you please tell me how is this different from the bug 1026750? I can
> see that patches are different, the description seems similar though.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.