--- /var/abs/base/perl/PKGBUILD	2005-06-05 17:13:19.000000000 -0400
+++ /var/abs/local/perl/PKGBUILD	2005-12-28 15:25:06.000000000 -0500
@@ -2,12 +2,15 @@
 # Maintainer: judd <jvinet@zeroflux.org>
 pkgname=perl
 pkgver=5.8.7
-pkgrel=1
+pkgrel=2
 pkgdesc="Practical Extraction and Report Language"
 url="http://www.perl.org"
 depends=('glibc' 'coreutils' 'gdbm' 'db')
 source=(http://www.cpan.org/src/5.0/perl-$pkgver.tar.gz \
-  perl-5.8.1.patch http://theoryx5.uwinnipeg.ca/cpan/authors/id/P/PM/PMQS/DB_File-1.811.tar.gz)
+  perl-5.8.1.patch http://theoryx5.uwinnipeg.ca/cpan/authors/id/P/PM/PMQS/DB_File-1.811.tar.gz
+  ftp://ftp.cpan.org/pub/CPAN/authors/id/N/NW/NWCLARK/sprintf-5.8.7.patch
+  http://search.cpan.org/CPAN/authors/id/S/SA/SAPER/Sys-Syslog-0.10.tar.gz
+)
 install=perl.install
 md5sums=('dacefa1fe3c5b6d7bbc334ad94826131' '5d2aae48a809c06660f4abd7f95dec43'\
          'b5fe98c944ead904ebf2afb3eff95b9f')
@@ -15,11 +18,21 @@
 build() {
   cd $startdir/src/$pkgname-$pkgver
   patch -Np1 -i ../perl-5.8.1.patch || return 1
+
+  # correct recent sprintf format vulnerabilities:
+  # fix sprintf
+  patch -Np1 -i ../sprintf-5.8.7.patch || return 1
+  # replace Sys/Syslog with fixed version 0.10.
+  cd ext
+  rm -rf Sys/Syslog/*
+  mv $startdir/src/Sys-Syslog-0.10/* Sys/Syslog
+
   # replace the old DB_File with the newest one from CPAN,
   # since it supports sleepycat's db 4.1.x
-  cd ext
+  #cd ext
   rm -rf DB_File
   mv $startdir/src/DB_File-1.811 ./DB_File
+
   cd $startdir/src/$pkgname-$pkgver
   ./Configure -des -Dprefix=/usr -Dinstallprefix=$startdir/pkg/usr \
     -Dman1dir=/usr/man/man1 -Dman3dir=/usr/man/man3 -Doptimize="$CFLAGS" \