./lang/perl5, Practical Extraction and Report Language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 5.26.1, Package name: perl-5.26.1, Maintainer: pkgsrc-users

Perl is a general-purpose programming language originally developed
for text manipulation and now used for a wide range of tasks including
system administration, web development, network programming, GUI
development, and more. The language is intended to be practical (easy
to use, efficient, complete) rather than beautiful (tiny, elegant,
minimal). Its major features are that it's easy to use, supports both
procedural and object-oriented (OO) programming, has powerful built-in
support for text processing, and has one of the world's most impressive
collections of third-party modules.


Required to build:
[pkgtools/cwrappers]

Package options: 64bitauto, threads

Master sites: (Expand)

SHA1: fadec45b7b48a06b3d2adab91c13f568dce717cd
RMD160: fff5bf2e6ad6488b8866bf300c32707972b8ffc6
Filesize: 14153.168 KB

Version history: (Expand)


CVS history: (Expand)


   2017-10-04 14:54:17 by Havard Eidnes | Files touched by this commit (4) | Package updated
Log message:
Update perl to version 5.26.1.

Pkgsrc changes:
 * Remove patch which has been integrated upstream

Upstream changes:

NAME
       perldelta - what is new for perl v5.26.1

DESCRIPTION
       This document describes differences between the 5.26.0 release and the
       5.26.1 release.

       If you are upgrading from an earlier release such as 5.24.0, first read
       perl5260delta, which describes differences between 5.24.0 and 5.26.0.

Security
   [CVE-2017-12837] Heap buffer overflow in regular expression compiler
       Compiling certain regular expression patterns with the case-insensitive
       modifier could cause a heap buffer overflow and crash perl.  This has
       now been fixed.  [perl #131582]
       <https://rt.perl.org/Public/Bug/Display.html?id=131582>

   [CVE-2017-12883] Buffer over-read in regular expression parser
       For certain types of syntax error in a regular expression pattern, the
       error message could either contain the contents of a random, possibly
       large, chunk of memory, or could crash perl.  This has now been fixed.
       [perl #131598] <https://rt.perl.org/Public/Bug/Display.html?id=131598>

   [CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows
       A possible stack buffer overflow in the %ENV code on Windows has been
       fixed by removing the buffer completely since it was superfluous
       anyway.  [perl #131665]
       <https://rt.perl.org/Public/Bug/Display.html?id=131665>

Incompatible Changes
       There are no changes intentionally incompatible with 5.26.0.  If any
       exist, they are bugs, and we request that you submit a report.  See
       "Reporting Bugs" below.

Modules and Pragmata
   Updated Modules and Pragmata
       *   base has been upgraded from version 2.25 to 2.26.

           The effects of dotless @INC on this module have been limited by the
           introduction of a more refined and accurate solution for removing
           '.' from @INC while reducing the false positives.

       *   charnames has been upgraded from version 1.44 to 1.45.

       *   Module::CoreList has been upgraded from version 5.20170530 to
           5.20170922_26.

Platform Support
   Platform-Specific Notes
       FreeBSD
           *   Building with g++ on FreeBSD-11.0 has been fixed.  [perl
               #131337]
               <https://rt.perl.org/Public/Bug/Display.html?id=131337>

       Windows
           *   Support for compiling perl on Windows using Microsoft Visual
               Studio 2017 (containing Visual C++ 14.1) has been added.

           *   Building XS modules with GCC 6 in a 64-bit build of Perl failed
               due to incorrect mapping of "strtoll" and \ 
"strtoull".  This has
               now been fixed.  [perl #131726]
               <https://rt.perl.org/Public/Bug/Display.html?id=131726> [cpan
               #121683]
               <https://rt.cpan.org/Public/Bug/Display.html?id=121683> [cpan
               #122353]
               <https://rt.cpan.org/Public/Bug/Display.html?id=122353>

Selected Bug Fixes
       *   Several built-in functions previously had bugs that could cause
           them to write to the internal stack without allocating room for the
           item being written.  In rare situations, this could have led to a
           crash.  These bugs have now been fixed, and if any similar bugs are
           introduced in future, they will be detected automatically in
           debugging builds.  [perl #131732]
           <https://rt.perl.org/Public/Bug/Display.html?id=131732>

       *   Using a symbolic ref with postderef syntax as the key in a hash
           lookup was yielding an assertion failure on debugging builds.
           [perl #131627]
           <https://rt.perl.org/Public/Bug/Display.html?id=131627>

       *   List assignment ("aassign") could in some rare cases allocate an
           entry on the mortal stack and leave the entry uninitialized.  [perl
           #131570] <https://rt.perl.org/Public/Bug/Display.html?id=131570>

       *   Attempting to apply an attribute to an "our" variable where a
           function of that name already exists could result in a NULL pointer
           being supplied where an SV was expected, crashing perl.  [perl
           #131597] <https://rt.perl.org/Public/Bug/Display.html?id=131597>

       *   The code that vivifies a typeglob out of a code ref made some false
           assumptions that could lead to a crash in cases such as \ 
$::{"A"} =
           sub {}; \&{"A"}.  This has now been fixed.  [perl #131085]
           <https://rt.perl.org/Public/Bug/Display.html?id=131085>

       *   "my_atof2" no longer reads beyond the terminating NUL, which
           previously occurred if the decimal point is immediately before the
           NUL.  [perl #131526]
           <https://rt.perl.org/Public/Bug/Display.html?id=131526>

       *   Occasional "Malformed UTF-8 character" crashes in \ 
"s//" on utf8
           strings have been fixed.  [perl #131575]
           <https://rt.perl.org/Public/Bug/Display.html?id=131575>

       *   "perldoc -f s" now finds "s///".  [perl #131371]
           <https://rt.perl.org/Public/Bug/Display.html?id=131371>

       *   Some erroneous warnings after utf8 conversion have been fixed.
           [perl #131190]
           <https://rt.perl.org/Public/Bug/Display.html?id=131190>

       *   The "jmpenv" frame to catch Perl exceptions is set up \ 
lazily, and
           this used to be a bit too lazy.  The catcher is now set up earlier,
           preventing some possible crashes.  [perl #105930]
           <https://rt.perl.org/Public/Bug/Display.html?id=105930>

       *   Spurious "Assuming NOT a POSIX class" warnings have been \ 
removed.
           [perl #131522]
           <https://rt.perl.org/Public/Bug/Display.html?id=131522>

Acknowledgements
       Perl 5.26.1 represents approximately 4 months of development since Perl
       5.26.0 and contains approximately 8,900 lines of changes across 85
       files from 23 authors.

       Excluding auto-generated files, documentation and release tools, there
       were approximately 990 lines of changes to 38 .pm, .t, .c and .h files.

       Perl continues to flourish into its third decade thanks to a vibrant
       community of users and developers.  The following people are known to
       have contributed the improvements that became Perl 5.26.1:

       Aaron Crane, Andy Dougherty, Aristotle Pagaltzis, Chris 'BinGOs'
       Williams, Craig A. Berry, Dagfinn Ilmari Mannsaaker, David Mitchell, E.
       Choroba, Eric Herman, Father Chrysostomos, Jacques Germishuys, James E
       Keenan, John SJ Anderson, Karl Williamson, Ken Brown, Lukas Mai,
       Matthew Horsfall, Ricardo Signes, Sawyer X, Steve Hay, Tony Cook, Yves
       Orton, Zefram.

       The list above is almost certainly incomplete as it is automatically
       generated from version control history.  In particular, it does not
       include the names of the (very much appreciated) contributors who
       reported issues to the Perl bug tracker.

       Many of the changes included in this version originated in the CPAN
       modules included in Perl's core.  We're grateful to the entire CPAN
       community for helping Perl to flourish.

       For a more complete list of all of Perl's historical contributors,
       please see the AUTHORS file in the Perl source distribution.

Reporting Bugs
       If you find what you think is a bug, you might check the perl bug
       database at <https://rt.perl.org/> .  There may also be information at
       <http://www.perl.org/> , the Perl Home Page.

       If you believe you have an unreported bug, please run the perlbug
       program included with your release.  Be sure to trim your bug down to a
       tiny but sufficient test case.  Your bug report, along with the output
       of "perl -V", will be sent off to perlbug@perl.org to be analysed by
       the Perl porting team.

       If the bug you are reporting has security implications which make it
       inappropriate to send to a publicly archived mailing list, then see
       "SECURITY VULNERABILITY CONTACT INFORMATION" in perlsec for \ 
details of
       how to report the issue.

Give Thanks
       If you wish to thank the Perl 5 Porters for the work we had done in
       Perl 5, you can do so by running the "perlthanks" program:

           perlthanks

       This will send an email to the Perl 5 Porters list with your show of
       thanks.

SEE ALSO
       The Changes file for an explanation of how to view exhaustive details
       on what changed.

       The INSTALL file for how to build Perl.

       The README file for general stuff.

       The Artistic and Copying files for copyright information.
   2017-09-23 07:29:07 by Maya Rashish | Files touched by this commit (3) | Package updated
Log message:
perl5: patch for CVE-2017-12837, CVE-2017-12883

CVE-2017-12837: heap buffer overflow in regular expression compiler
CVE-2017-12883: buffer over-read in regular expression parser

From upstream commits:
https://perl5.git.perl.org/perl.git/com … d2041f300f
https://perl5.git.perl.org/perl.git/com … 9a822dc8a5

bump PKGREVISION
   2017-09-03 10:53:18 by Thomas Klausner | Files touched by this commit (165)
Log message:
Follow some redirects.
   2017-07-07 07:54:24 by Thomas Klausner | Files touched by this commit (4) | Package updated
Log message:
Use ldflags during build.
Allow -Wl,-z arguments into lddlflags.

Fixes RELRO build.

Bump PKGREVISION.

While here, remove bogus comment from patch and remove reference
to two non-existing files.
   2017-06-08 13:05:33 by Thomas Klausner | Files touched by this commit (1)
Log message:
Actually bump perl requirement to 5.26 (different installation path
for modules).
   2017-06-06 14:37:50 by Jonathan Perkin | Files touched by this commit (3)
Log message:
Fix build with dtrace option.
   2017-06-05 20:58:44 by Benny Siegert | Files touched by this commit (3)
Log message:
Apply patch from latest OpenBSD errata (CVE-2017-6512) here, too.
   2017-06-05 16:45:54 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Increment version number of perl5