summaryrefslogtreecommitdiffstats
path: root/gnu/usr.bin/perl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix various overflows in perlafresh12018-11-297-60/+128
| | | | | | | | Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
* Avoid Archive::Tar directory traversalafresh12018-06-191-0/+14
| | | | | | | | | | | | | | Addresses CVE-2018-12015 From Silamael <silamael () coronamundi ! de> Original bug reports: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834 https://rt.cpan.org/Public/Bug/Display.html?id=125523 Original commit with the fix: https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5 OK bluhm@, they should already be committed! deraadt@
* Correct heap overflow bugs in perlafresh12018-04-146-22/+87
| | | | | | | | | | | | | | | | | | | | * RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec Reported by GwanYeong Kim, fixed by Tony Cook. * RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook. * RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c) Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook. Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
* Fix perl build not to install libperl* twice. This has caused anyasuoka2018-01-251-21/+2
| | | | | | actual error if "install" was done parallelly. ok espie todd andrew1, input andrew1
* Support Time::HiRes::utime in File::Copyafresh12017-11-202-2/+9
| | | | Fixes issues with cross-device moves, noticed with autoconf
* Apply pre-built unicore patch, remove excess files - perl-5.24.3afresh12017-10-296-35/+491
| | | | ok bluhm@
* Apply local patches, remove excess files - perl-5.24.3afresh12017-10-2955-830/+1025
| | | | OK bluhm@
* Fix merge issues, remove excess files - match perl-5.24.3 distafresh12017-10-29137-1955/+2602
| | | | ok bluhm@
* Import perl-5.24.3afresh12017-10-299-8/+364
| | | | ok bluhm@
* Rev. 1.2 enabled UTF-8 by default.schwarze2017-09-291-0/+1
| | | | | | | During subsequent Perl updates, all the documentation changes etc. got carried along, but the actual code change was deleted in Rev. 1.3 and never restored. Restore it now. Bug found by bentley@; OK afresh1@ bentley@.
* A buffer over-read and heap overflow in perl's regexp may result inafresh12017-09-221-2/+5
| | | | | | | | | | a crash or memory leak. Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp) Patches by Karl Williamson
* Remove path support from perl OpenBSD::Pledgeafresh12017-09-093-87/+31
| | | | ok guenther@ deraadt@ giovanni@
* Update IO-Socket-IP to 0.39, bug fix needed for p5-Net-DNS 1.12.bluhm2017-08-232-7/+54
| | | | OK afresh1@ sthen@
* Apply pre-built unicore patch - perl-5.24.2afresh12017-08-146-35/+491
| | | | OK bluhm@, Reads ok sthen@
* Apply local patches - perl-5.24.2afresh12017-08-1471-971/+1415
| | | | OK bluhm@, Reads ok sthen@
* Fix merge issues, remove excess files - match perl-5.24.2 distafresh12017-08-14115-2372/+2400
| | | | OK bluhm@, Reads ok sthen@
* Import perl-5.24.2afresh12017-08-145-0/+644
|
* Zero out excess bytes in perl long doublesafresh12017-08-011-8/+7
| | | | | | | | From upstream commits by Niko Tyni <ntyni AT debian.org> * dd6885360b15e763e0706dc28555eea328de432d * 6b2c7479d6d33249c2385d8a36d8ee9e61e1a519 ok aja@
* get rid of flag clang doesn't grok (include -Werror in Configure, becauseespie2017-07-262-2/+1
| | | | | | clang will not error out on unknown flags) okay millert@, deraadt@
* Should have committed this two days ago, last part that ran during dependespie2017-07-041-2/+4
| | | | can run normally
* move all the post-Configure stuff to Makefile.bsd-wrapper1 instead of justespie2017-06-282-135/+124
| | | | | | | | | | the man parts. just leave Configure and forwarding targets in Makefile.bsd-wrapper, this allows bsd.lib.mk to function normally without depend, because all the puzzle is here. okay millert@ afresh1@
* Update to perl File::Path 2.13 for security fixesafresh12017-06-045-244/+639
| | | | | | Reccomended by upstream - jkeenan AT pobox.com OK sthen@
* Better avoid installing versioned perl, makes perlivp happyafresh12017-03-041-2/+4
|
* Correct list of perl manpages to be installedafresh12017-02-181-19/+10
| | | | Many thanks to schwarze@ for feedback and OK
* Remove incorrect perl version commentafresh12017-02-061-2/+2
| | | | From didickman AT gmail.com
* Apply pre-built unicore patch - perl-5.24.1afresh12017-02-05465-74764/+128931
|
* Apply local patches - perl-5.24.1afresh12017-02-0577-770/+1087
|
* Fix merge issues, remove excess files - match perl-5.24.1 distafresh12017-02-052821-279506/+377745
|
* Create perl directories 0775 in OBJDIRafresh12016-12-113-7/+9
| | | | | | Allows user to clean up after a noperm build requested and makes sense to tb@
* Remove /usr/libdata/perl5/site_perl from sitelib and sitearch, nowmillert2016-11-091-5/+3
| | | | | that we don't install .ph files we only want to search for these under /usr/local/libdata/perl5/site_perl. OK afresh1@
* Stop installing perl .ph filesafresh12016-11-091-10/+1
| | | | It's finally time
* Build install Config_heavy.pl during build not installafresh12016-09-242-13/+16
| | | | | | Needed for noperm builds OK natano@
* Set correct owner for installed files. One step closer to nopermnatano2016-09-203-9/+42
| | | | | | builds. initial diff and ok millert
* Don't check if target directory is writeable. This gets in the way ofnatano2016-09-161-2/+0
| | | | | | noperm builds. ok deraadt some time ago
* Really stop linking perl to pthreadafresh12016-09-011-0/+3
| | | | ok guenther@
* Revert unneeded version bump for perl modulesafresh12016-07-3010-10/+10
| | | | OK sthen@
* Patch perl CVE-2016-1238afresh12016-07-25269-279/+430
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem relates to Perl 5 ("perl") loading modules from the includes directory array ("@INC") in which the last element is the current directory ("."). That means that, when "perl" wants to load a module (during first compilation or during lazy loading of a module in run-time), perl will look for the module in the current directory at the end, since '.' is the last include directory in its array of include directories to seek. The issue is with requiring libraries that are in "." but are not otherwise installed. The major problem with this behavior is that it unexpectedly puts a user at risk whenever they execute any Perl scripts from a directory that is writable by other accounts on the system. For instance, if a user is logged in as root and changes directory into /tmp or an account's home directory, it is possible to now run any shell commands that are written in C, Python or Ruby without fear. The same isn't true for any shell commands that are written in Perl, since a significant proportion of Perl scripts will execute code in the current working directory whenever they are run. For example, if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm, and then I log in as root, change directory to /tmp, and run "perldoc perlrun", it will execute the code they have placed in the file. ok deraadt@
* The XSLoader issue has been assigned CVE-2016-6185millert2016-07-081-0/+1
|
* Apply http://perl5.git.perl.org/perl.git/commitdiff/08e3451d7millert2016-07-072-1/+51
| | | | | This fixes a bug where XSLoader could try to load from a subdir of the cwd when called via eval. OK afresh1@
* Update to perl 5.20.3afresh12016-07-03111-646/+2523
| | | | OK bluhm@
* Update perl Time::HiRes to 1.9739afresh12016-06-3017-205/+809
| | | | | | Which provides hires `utime` requested by espie@ OK millert@
* Stop linking perl to libpthreadafresh12016-06-281-8/+0
| | | | | | No longer necessary with TIB work from guenther@ ok sthen@
* Stop linking perl to libutil, never necessaryafresh12016-06-282-2/+4
| | | | from guenther@ ok sthen@
* Correct return value of OpenBSD::MkTemp in scalar contextafresh12016-05-082-4/+16
| | | | | | From Francesco Toscan < f.toscan AT hotmail DOT it > ok guenther@
* remove reference to file that's only built when dbm is presenttedu2016-05-071-1/+0
|
* ... and link into the buildespie2016-05-072-0/+12
|
* fix build within perlespie2016-05-071-2/+2
|
* same patch as ports treeespie2016-05-071-1/+1
|
* Term::ReadKey vendor import, as discussed with millert@ and afresh1@espie2016-05-0715-0/+12485
|
* Stop embedding the build time in the Perl binary.daniel2016-04-251-7/+14
| | | | | | | This is a backport of commit 6baa8d with the local addition of: undef PERL_BUILD_DATE ok afresh1@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.