| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
We are never going to update the files that generate this test and
the interaction with "cvs up" means we can accidentally hit it when
they hange between releases but permissions when building the system
prevent us from writing the update and breaks the build.
Found by naddy@, krw@, and deraadt@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
|
| |
All functional changes were committed already, this updates the
version number, Module::Corelist, and documentation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes
There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata
* Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089.
* Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes
* printf() or sprintf() with the %n format no longer cause a panic
on debugging builds, or report an incorrectly cached length value
when producing SVfUTF8 flagged strings.
* A memory leak in regular expression patterns has been fixed.
* A read beyond buffer in grok_infnan has been fixed.
* An assertion failure in the regular expression engine has been fixed.
* (?{...}) eval groups in regular expressions no longer unintentionally
trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
|
|
|
| |
Minor bugfixes and documentation improvments. See perldelta for details.
https://metacpan.org/pod/release/SHAY/perl-5.28.2/pod/perldelta.pod
OK bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
| |
OK bluhm@
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
| |
OK bluhm@, Reads ok sthen@
|
| |
|
|
| |
OK bluhm@, Reads ok sthen@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Allows user to clean up after a noperm build
requested and makes sense to tb@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem relates to Perl 5 ("perl") loading modules from the
includes directory array ("@INC") in which the last element is the
current directory ("."). That means that, when "perl" wants to
load a module (during first compilation or during lazy loading of
a module in run-time), perl will look for the module in the current
directory at the end, since '.' is the last include directory in
its array of include directories to seek. The issue is with requiring
libraries that are in "." but are not otherwise installed.
The major problem with this behavior is that it unexpectedly puts
a user at risk whenever they execute any Perl scripts from a directory
that is writable by other accounts on the system. For instance, if
a user is logged in as root and changes directory into /tmp or an
account's home directory, it is possible to now run any shell
commands that are written in C, Python or Ruby without fear.
The same isn't true for any shell commands that are written in Perl,
since a significant proportion of Perl scripts will execute code
in the current working directory whenever they are run. For example,
if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm,
and then I log in as root, change directory to /tmp, and run "perldoc
perlrun", it will execute the code they have placed in the file.
ok deraadt@
|
| |
|
|
|
| |
This fixes a bug where XSLoader could try to load from a subdir
of the cwd when called via eval. OK afresh1@
|
| |
|
|
| |
OK bluhm@
|
| |
|
|
| |
https://rt.perl.org/Ticket/Display.html?id=126862
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok deraadt@ sthen@ espie@ miod@
|
| |
|
|
| |
ok deraadt@ sthen@ espie@ miod@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Derived from Perl git commit http://perl5.git.perl.org/perl.git
19be3be6968e2337bcdfe480693fff795ecd1304
Add a configuration variable/option to limit recursion when dumping
deep data structures.
Defaults the limit to 1000, which can be reduced or increase, or
eliminated by setting it to 0.
This patch addresses CVE-2014-4330. This bug was found and
reported by: LSE Leading Security Experts GmbH employee Markus
Vervier.
From Maximilian Pascher; OK schwarze@ afresh1@
|
| |
|
|
| |
OK espie@ sthen@ deraadt@
|
| |
|
|
| |
OK espie@ sthen@ deraadt@
|
| |
|
|
| |
(some more to do after this one)
|
| | |
|
| | |
|
| | |
|
| |
|
afresh1
millert
bluhm
sthen