| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
OK sthen@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
| |
OK sthen@
|
| |
|
|
|
|
|
|
|
|
|
| |
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup),
Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov
Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses:
* CVE-2020-10543
* CVE-2020-10878
* CVE-2020-12723
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes
There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata
* Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089.
* Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes
* printf() or sprintf() with the %n format no longer cause a panic
on debugging builds, or report an incorrectly cached length value
when producing SVfUTF8 flagged strings.
* A memory leak in regular expression patterns has been fixed.
* A read beyond buffer in grok_infnan has been fixed.
* An assertion failure in the regular expression engine has been fixed.
* (?{...}) eval groups in regular expressions no longer unintentionally
trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
| |
Timing is good deraadt@, OK sthen@
|
| |
|
|
|
|
|
| |
Minor bugfixes and documentation improvments. See perldelta for details.
https://metacpan.org/pod/release/SHAY/perl-5.28.2/pod/perldelta.pod
OK bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
| |
looking good sthen@, Great! bluhm@
|
| |
|
|
|
|
|
|
| |
Addresses:
* CVE-2018-18311 (Perl RT #133204)
* CVE-2018-18312 (Perl RT #133423)
* CVE-2018-18313 (Perl RT #133192)
* CVE-2018-18314 (Perl RT #131649)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in
Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and
Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in
S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and
Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
| |
|
|
| |
OK bluhm@
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
| |
OK bluhm@, Reads ok sthen@
|
| |
|
|
| |
OK bluhm@, Reads ok sthen@
|
| | |
|
| | |
|
| |
|
|
| |
OK bluhm@
|
| |
|
|
|
| |
It can cause certain regular expressions with malformed UTF8 inputs
to go into a forever loop and consume 100% CPU. OK afresh1@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
ok deraadt@ sthen@ espie@ miod@
|
| |
|
|
| |
ok deraadt@ sthen@ espie@ miod@
|
| | |
|
| |
|
|
| |
OK espie@ sthen@ deraadt@
|
| |
|
|
| |
OK espie@ sthen@ deraadt@
|
| |
|
|
| |
(some more to do after this one)
|
| | |
|
| |
|
afresh1
millert
sthen