#
e0680481 |
| 14-May-2024 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.38.2 dist
ok gkoehler@ Commit and we'll fix fallout bluhm@ Right away, please deraadt@
|
#
cf22c65b |
| 23-Dec-2023 |
afresh1 <afresh1@openbsd.org> |
Update to perl 5.36.3
No changes to perl, as those were already committed for the earlier errata. This just brings documentation and such in line with upstream.
ok bluhm@
|
#
204dddbb |
| 08-Jul-2023 |
afresh1 <afresh1@openbsd.org> |
Update to perl 5.36.1
Many small bugfixes
you should commit 5.36.1 bluhm@
|
#
eac174f2 |
| 15-Feb-2023 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.36.0 dist
OK bluhm@ a good time naddy@
|
#
56d68f1e |
| 01-Mar-2021 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.32.1 dist
OK sthen@
|
#
4510546b |
| 04-Jun-2020 |
afresh1 <afresh1@openbsd.org> |
Sync to perl 5.30.3
All functional changes were committed already, this updates the version number, Module::Corelist, and documentation.
|
#
98dafc01 |
| 09-Apr-2020 |
afresh1 <afresh1@openbsd.org> |
Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and
Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
show more ...
|
#
b46d8ef2 |
| 30-Dec-2019 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
#
e603c72f |
| 24-May-2019 |
afresh1 <afresh1@openbsd.org> |
Update to perl 5.28.2
Minor bugfixes and documentation improvments. See perldelta for details. https://metacpan.org/pod/release/SHAY/perl-5.28.2/pod/perldelta.pod
OK bluhm@
|
#
9f11ffb7 |
| 13-Feb-2019 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
c0dd97bf |
| 29-Oct-2017 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
#
de18eedb |
| 14-Aug-2017 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.24.2 dist
OK bluhm@, Reads ok sthen@
|
#
b8851fcc |
| 05-Feb-2017 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.24.1 dist
|
#
0b7734b3 |
| 25-Jul-2016 |
afresh1 <afresh1@openbsd.org> |
Patch perl CVE-2016-1238
The problem relates to Perl 5 ("perl") loading modules from the includes directory array ("@INC") in which the last element is the current directory ("."). That means that,
Patch perl CVE-2016-1238
The problem relates to Perl 5 ("perl") loading modules from the includes directory array ("@INC") in which the last element is the current directory ("."). That means that, when "perl" wants to load a module (during first compilation or during lazy loading of a module in run-time), perl will look for the module in the current directory at the end, since '.' is the last include directory in its array of include directories to seek. The issue is with requiring libraries that are in "." but are not otherwise installed.
The major problem with this behavior is that it unexpectedly puts a user at risk whenever they execute any Perl scripts from a directory that is writable by other accounts on the system. For instance, if a user is logged in as root and changes directory into /tmp or an account's home directory, it is possible to now run any shell commands that are written in C, Python or Ruby without fear.
The same isn't true for any shell commands that are written in Perl, since a significant proportion of Perl scripts will execute code in the current working directory whenever they are run. For example, if a user on a shared system creates the file /tmp/Pod/Perldoc/Toterm.pm, and then I log in as root, change directory to /tmp, and run "perldoc perlrun", it will execute the code they have placed in the file.
ok deraadt@
show more ...
|
#
ee730484 |
| 08-Jul-2016 |
millert <millert@openbsd.org> |
The XSLoader issue has been assigned CVE-2016-6185
|
#
fb8aa749 |
| 03-Jul-2016 |
afresh1 <afresh1@openbsd.org> |
Update to perl 5.20.3
OK bluhm@
|
#
429e98d2 |
| 22-Apr-2016 |
millert <millert@openbsd.org> |
Add entry for CVE-2015-8853 patch.
|
#
e9260a21 |
| 25-Apr-2015 |
afresh1 <afresh1@openbsd.org> |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
#
dddc9066 |
| 17-Nov-2014 |
afresh1 <afresh1@openbsd.org> |
Apply local patches to perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
#
e5157e49 |
| 17-Nov-2014 |
afresh1 <afresh1@openbsd.org> |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
#
adf9d303 |
| 26-Oct-2014 |
bluhm <bluhm@openbsd.org> |
Fix a possibly infinite recursion in Perl Data::Dumper.
Derived from Perl git commit http://perl5.git.perl.org/perl.git 19be3be6968e2337bcdfe480693fff795ecd1304 Add a configuration variable/option t
Fix a possibly infinite recursion in Perl Data::Dumper.
Derived from Perl git commit http://perl5.git.perl.org/perl.git 19be3be6968e2337bcdfe480693fff795ecd1304 Add a configuration variable/option to limit recursion when dumping deep data structures. Defaults the limit to 1000, which can be reduced or increase, or eliminated by setting it to 0. This patch addresses CVE-2014-4330. This bug was found and reported by: LSE Leading Security Experts GmbH employee Markus Vervier.
From Maximilian Pascher; OK schwarze@ afresh1@
show more ...
|
#
c87e12b9 |
| 05-Sep-2014 |
jasper <jasper@openbsd.org> |
update libnet to 1.27; various bugfixes and improvements: http://cpansearch.perl.org/src/SHAY/libnet-1.27/Changes
ok millert@
|
#
d5d7d10e |
| 01-Sep-2014 |
jasper <jasper@openbsd.org> |
apply fix from upstream to remedy RT 37700, which hardens the close() function
ok millert@
|
#
e9ce3842 |
| 24-Mar-2014 |
afresh1 <afresh1@openbsd.org> |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
#
48950c12 |
| 25-Mar-2013 |
sthen <sthen@openbsd.org> |
merge/resolve conflicts (some more to do after this one)
|