perl: add patch for cve-2012-5195 (via Arch).

srcpkgs/perl/patches/cve-2012-5195.patch

@@ -0,0 +1,29 @@
+commit b11b0d3ef18a35595a07a06c91fa4f27c9cacf5b
+Author: Andy Dougherty <doughera@lafayette.edu>
+Date:   Thu Sep 27 09:52:18 2012 -0400
+
+    avoid calling memset with a negative count
+
+    Poorly written perl code that allows an attacker to specify the count to
+    perl's 'x' string repeat operator can already cause a memory exhaustion
+    denial-of-service attack. A flaw in versions of perl before 5.15.5 can
+    escalate that into a heap buffer overrun; coupled with versions of glibc
+    before 2.16, it possibly allows the execution of arbitrary code.
+
+    The flaw addressed to this commit has been assigned identifier
+    CVE-2012-5195.
+
+diff --git a/util.c b/util.c
+index 171456f..34f5fa9 100644
+--- util.c
++++ util.c
+@@ -3416,6 +3416,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
+ {
+     PERL_ARGS_ASSERT_REPEATCPY;
+
++    if (count < 0)
++	Perl_croak_nocontext("%s",PL_memory_wrap);
++
+     if (len == 1)
+	memset(to, *from, count);
+     else if (count) {

srcpkgs/perl/template

@@ -1,7 +1,7 @@
 # Template build file for 'perl'.
 pkgname=perl
 version=5.16.1
-revision=1
+revision=2
 makedepends="gdbm-devel db-devel less groff"
 short_desc="Practical Extraction and Report Language"
 maintainer="Juan RP <xtraeme@gmail.com>"