./lang/perl5, Practical Extraction and Report Language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 5.40.2, Package name: perl-5.40.2, Maintainer: pkgsrc-users

Perl is a general-purpose programming language originally developed
for text manipulation and now used for a wide range of tasks including
system administration, web development, network programming, GUI
development, and more. The language is intended to be practical (easy
to use, efficient, complete) rather than beautiful (tiny, elegant,
minimal). Its major features are that it's easy to use, supports both
procedural and object-oriented (OO) programming, has powerful built-in
support for text processing, and has one of the world's most impressive
collections of third-party modules.


Required to build:
[pkgtools/cwrappers]

Package options: perl-64bitauto, threads

Master sites: (Expand)

Filesize: 13597.191 KB

Version history: (Expand)


CVS history: (Expand)


   2025-04-21 22:55:52 by Thomas Klausner | Files touched by this commit (2)
Log message:
perl5: remove NetBSD 6 support
   2025-04-21 22:55:34 by Thomas Klausner | Files touched by this commit (3)
Log message:
perl5: remove Interix support
   2025-04-14 07:26:48 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
perl: update to 5.40.2.

[CVE-2024-56406] Heap buffer overflow vulnerability with tr//

A heap buffer overflow vulnerability was discovered in Perl.

When there are non-ASCII bytes in the left-hand-side of the C<tr> operator,
C<S_do_trans_invmap()> can overflow the destination pointer C<d>.

  $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'
  Segmentation fault (core dumped)

It is believed that this vulnerability can enable Denial of Service or
Arbitrary Code Execution attacks on platforms that lack sufficient defenses.

Discovered by: Nathan Mills.

<Module::CoreList> has been upgraded from version 5.20250118_40 to \ 
5.20250413_40.
   2025-03-30 23:10:49 by Thomas Klausner | Files touched by this commit (100)
Log message:
*: remove MirBSD support
   2025-03-30 17:00:21 by Thomas Klausner | Files touched by this commit (4)
Log message:
*: remove references to GNU/kFreeBSD
   2025-03-04 10:37:39 by Nia Alarie | Files touched by this commit (31)
Log message:
*: Assume that the user has a C99-capable compiler.

A compiler that supports -std=c99 is required for
bootstrap, so it doesn't make sense to specify a c99
compiler everywhere in package makefiles.

At any rate, I would bet my entire life's savings that
this is a small fraction of the total number of packages
requiring c99.

Note that compilers that default to c89 but support c99
are still supported...
   2025-02-18 12:49:55 by Thomas Klausner | Files touched by this commit (2)
Log message:
perl5: Fix build on Cygwin.

From Jonathan Perkin <jperkin@smartos.org>
via drecklypkg commit $46566a0efacfaf4b8cfb6c46ac9715d150453d12
   2025-02-11 13:30:15 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
lang/perl5, databases/p5-gdbm: Update to 5.40.1

Changelog:
NAME
    perldelta - what is new for perl v5.40.1

DESCRIPTION
    This document describes differences between the 5.40.0 release and the
    5.40.1 release.

    If you are upgrading from an earlier release such as 5.39.0, first read
    perl5400delta, which describes differences between 5.39.0 and 5.40.0.

Incompatible Changes
    There are no changes intentionally incompatible with 5.40.0. If any
    exist, they are bugs, and we request that you submit a report. See
    "Reporting Bugs" below.

Modules and Pragmata
  Updated Modules and Pragmata
    *   File::Spec has been upgraded from version 3.90 to 3.91.

    *   Module::CoreList has been upgraded from version 5.20240609 to
        5.20250118_40.

    *   warnings has been upgraded from version 1.69 to 1.70.

Documentation
  Changes to Existing Documentation
    We have attempted to update the documentation to reflect the changes
    listed in this document. If you find any we have missed, open an issue
    at <https://github.com/Perl/perl5/issues>.

Configuration and Compilation
    *   Fixed compilation on platforms (e.g. "Gentoo Prefix") with only a C
        locale. [GH #22569 <https://github.com/Perl/perl5/issues/22569>] Bug
        first reported downstream at bugs.gentoo.org/939014
        <https://bugs.gentoo.org/939014>.

    *   Fixed compilation error on some systems due to a typo in a printf()
        format. [GH #22793 <https://github.com/Perl/perl5/issues/22793>]

Testing
    Tests were added and changed to reflect the other additions and changes
    in this release.

Selected Bug Fixes
    *   Starting in Perl 5.39.8, ""strftime"" in POSIX would \ 
crash or
        produce odd errors (such as "Out of memory in
        perl:util:safesysmalloc") when given a format string that wasn't
        actually a string, but a number, "undef", or an object (even one
        with overloaded string conversion).

        Now "strftime" stringifies its first argument, as before. [GH \ 
#22498
        <https://github.com/Perl/perl5/issues/22498>]

    *   Builds with "-msse" and quadmath on 32-bit x86 systems would crash
        with a misaligned access early in the build. [GH #22577
        <https://github.com/Perl/perl5/issues/22577>]

    *   Using "goto" to tail call, or using the call_sv() and related APIs
        to call, any of trim(), refaddr(), reftype(), ceil(), floor() or
        stringify() in the "builtin::" package would crash or assert due to
        a "TARG" handling bug. [GH #22542
        <https://github.com/Perl/perl5/issues/22542>]

    *   Fixed an issue where utf8n_to_uvchr() failed to correctly identify
        certain invalid UTF-8 sequences as invalid. Specifically, sequences
        that start with continuation bytes or unassigned bytes could cause
        unexpected behaviour or a panic. This fix ensures that such invalid
        sequences are now properly detected and handled. This correction
        also resolves related issues in modules that handle UTF-8
        processing, such as Encode.

    *   Fixed a double free error or possible memory leak when failing to
        compile certain regexps. [GH #21661
        <https://github.com/Perl/perl5/issues/21661>]