Change log for perl package in Ubuntu
1 → 75 of 246 results | First • Previous • Next • Last |
perl (5.38.2-4) unstable; urgency=medium * Import t64 NMUs. * Fix autopkgtest regression caused by the NMUs. (Closes: #1068934) -- Niko Tyni <email address hidden> Sat, 27 Apr 2024 18:32:01 +0300
Available diffs
- diff from 5.38.2-3.2build2 (in Ubuntu) to 5.38.2-4 (1023 bytes)
Superseded in oracular-release |
Published in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
perl (5.38.2-3.2build2) noble; urgency=medium * No-change rebuild for time_t transition. -- Sergio Durigan Junior <email address hidden> Fri, 05 Apr 2024 15:57:12 -0400
Available diffs
- diff from 5.38.2-3.2build1 to 5.38.2-3.2build2 (321 bytes)
perl (5.38.2-3.2build1) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 08:13:57 +0000
Available diffs
perl (5.38.2-3.2) unstable; urgency=medium * Non-maintainer upload. * Fix check for i386 to avoid transitioning there. Closes: #1065483. * Manually add perlapi-5.38.2t64 to Provides: on i386 to avoid another difficult transition. -- Steve Langasek <email address hidden> Wed, 06 Mar 2024 17:19:01 +0000
Available diffs
- diff from 5.38.2-3 to 5.38.2-3.2 (16.9 KiB)
- diff from 5.38.2-3ubuntu1 (in Ubuntu) to 5.38.2-3.2 (17.2 KiB)
Superseded in noble-proposed |
perl (5.38.2-3ubuntu1) noble; urgency=medium * debian/rules: Use t64 perl ABI on 32-bit architectures -- Julian Andres Klode <email address hidden> Thu, 29 Feb 2024 10:06:01 +0100
Available diffs
Deleted in noble-updates (Reason: superseded by release) |
Superseded in noble-release |
Deleted in noble-proposed (Reason: Moved to noble) |
perl (5.38.2-3) unstable; urgency=medium * Unbreak locale initialization when embedding perl. (Closes: #1060456) -- Niko Tyni <email address hidden> Fri, 12 Jan 2024 18:16:08 +0200
Available diffs
- diff from 5.36.0-10ubuntu1 (in Ubuntu) to 5.38.2-3 (3.2 MiB)
- diff from 5.38.2-2 to 5.38.2-3 (1.0 KiB)
perl (5.38.2-2) unstable; urgency=medium * Update copyright file for the superfast hash algorithm removal. Thanks to Milton Moura. (Closes: #1054457) * Add 5.38.2 to debian/released-versions. * Upload to unstable. -- Niko Tyni <email address hidden> Tue, 09 Jan 2024 22:05:06 +0200
Available diffs
perl (5.36.0-10ubuntu1) noble; urgency=medium * Merge with Debian; remaining changes: - Fix for CVE-2023-31484.
Available diffs
perl (5.30.0-9ubuntu0.5) focal-security; urgency=medium * SECURITY UPDATE: heap overflow via regular expression - debian/patches/CVE-2023-47038.patch: fix read/write past buffer end in regcomp.c, t/re/pat_advanced.t. - CVE-2023-47038 -- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 10:02:19 -0500
Available diffs
perl (5.34.0-3ubuntu1.3) jammy-security; urgency=medium * SECURITY UPDATE: heap overflow via regular expression - debian/patches/CVE-2023-47038.patch: fix read/write past buffer end in regcomp.c, t/re/pat_advanced.t. - CVE-2023-47038 * SECURITY UPDATE: infinite recursion via warning message printing - debian/patches/CVE-2022-48522.patch: fix warning handling in sv.c, t/lib/warnings/sv. - CVE-2022-48522 -- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:56:46 -0500
Available diffs
perl (5.36.0-7ubuntu0.23.04.2) lunar-security; urgency=medium * SECURITY UPDATE: heap overflow via regular expression - debian/patches/CVE-2023-47038.patch: fix read/write past buffer end in regcomp.c, t/re/pat_advanced.t. - CVE-2023-47038 -- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:55:20 -0500
perl (5.36.0-9ubuntu1.1) mantic-security; urgency=medium * SECURITY UPDATE: heap overflow via regular expression - debian/patches/CVE-2023-47038.patch: fix read/write past buffer end in regcomp.c, t/re/pat_advanced.t. - CVE-2023-47038 -- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:53:16 -0500
Available diffs
Superseded in noble-release |
Published in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
perl (5.36.0-9ubuntu1) mantic; urgency=medium * Merge with Debian; remaining changes: - Fix for CVE-2023-31484.
Available diffs
- diff from 5.36.0-7ubuntu1 to 5.36.0-9ubuntu1 (14.6 KiB)
- diff from 5.36.0-7ubuntu3 to 5.36.0-9ubuntu1 (15.7 KiB)
Superseded in mantic-proposed |
perl (5.36.0-7ubuntu3) mantic; urgency=medium * Unconditionally use Perl_my_strlcat and Perl_my_strlcpy to avoid an ABI break with glibc 2.38 (can be dropped with perl 5.38). -- Matthias Klose <email address hidden> Thu, 07 Sep 2023 08:58:55 +0200
Available diffs
- diff from 5.36.0-7ubuntu2 to 5.36.0-7ubuntu3 (913 bytes)
Superseded in mantic-proposed |
perl (5.36.0-7ubuntu2) mantic; urgency=medium * Unconditionally use Perl_my_strlcat and Perl_my_strlcpy to avoid an ABI break with glibc 2.38 (can be dropped with perl 5.38). -- Matthias Klose <email address hidden> Thu, 07 Sep 2023 08:58:55 +0200
Available diffs
perl (5.36.0-7ubuntu1) mantic; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:20:48 -0300
Available diffs
perl (5.36.0-7ubuntu0.23.04.1) lunar-security; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:19:09 -0300
Available diffs
perl (5.34.0-5ubuntu1.2) kinetic-security; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:18:57 -0300
Available diffs
- diff from 5.34.0-5ubuntu1.1 to 5.34.0-5ubuntu1.2 (882 bytes)
perl (5.34.0-3ubuntu1.2) jammy-security; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:18:13 -0300
Available diffs
- diff from 5.34.0-3ubuntu1.1 to 5.34.0-3ubuntu1.2 (884 bytes)
perl (5.30.0-9ubuntu0.4) focal-security; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 * debian/patches/fix-ext-POSIX-t-mb-test.patch: fix edge case test failure in ext/POSIX/t/mb.t. -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:17:48 -0300
Available diffs
perl (5.26.1-6ubuntu0.7) bionic-security; urgency=medium * SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to verify https server identity. - CVE-2023-31484 -- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:17:19 -0300
Available diffs
- diff from 5.26.1-6ubuntu0.6 to 5.26.1-6ubuntu0.7 (881 bytes)
Superseded in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
perl (5.36.0-7) unstable; urgency=medium * Break backuppc (<< 4.4.0-7~) due to Data::Dumper changes in 5.36 (Closes: #1026270) -- Niko Tyni <email address hidden> Sun, 08 Jan 2023 23:28:47 +0200
Available diffs
- diff from 5.36.0-4ubuntu2 (in Ubuntu) to 5.36.0-7 (56.4 KiB)
- diff from 5.36.0-6 to 5.36.0-7 (476 bytes)
perl (5.36.0-6) unstable; urgency=medium * Break duck (<< 0.14.1) due to #1025722 -- Niko Tyni <email address hidden> Sat, 10 Dec 2022 10:15:23 +0200
Available diffs
perl (5.34.0-5ubuntu1.1) kinetic-security; urgency=medium * SECURITY UPDATE: Signature verification bypass - debian/patches/CVE-2020-16156-1.patch: signature verification type CANNOT_VERIFY was not recognized in cpan/CPAN/lib/CPAN/Distribution.pm. - debia/patches/CVE-2020-16156-2.patch: add two new failure modes in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-3.patch: use gpg to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in three spots in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-5.patch: disambiguate the call to gpg --output by adding --verify in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-6.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-7.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - CVE-2020-16156 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Oct 2022 09:36:22 -0300
Available diffs
perl (5.36.0-4ubuntu2) lunar; urgency=medium * Rebuild against new perlapi-5.36. -- Gianfranco Costamagna <email address hidden> Fri, 04 Nov 2022 12:18:03 +0100
Available diffs
Superseded in lunar-proposed |
perl (5.36.0-4ubuntu1) lunar; urgency=low * Merge from Debian unstable. Remaining changes: - Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. - Disable the same porting/libperl.t tests on x86*, as on the other Linux architectures.
Available diffs
perl (5.30.0-9ubuntu0.3) focal-security; urgency=medium * SECURITY UPDATE: Signature verification bypass - debian/patches/CVE-2020-16156-1.patch: signature verification type CANNOT_VERIFY was not recognized in cpan/CPAN/lib/CPAN/Distribution.pm. - debia/patches/CVE-2020-16156-2.patch: add two new failure modes in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-3.patch: use gpg to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in three spots in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-5.patch: disambiguate the call to gpg --output by adding --verify in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-6.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-7.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - CVE-2020-16156 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 05 Oct 2022 07:27:25 -0300
Available diffs
perl (5.26.1-6ubuntu0.6) bionic-security; urgency=medium * SECURITY UPDATE: Signature verification bypass - debian/patches/CVE-2020-16156-1.patch: signature verification type CANNOT_VERIFY was not recognized in cpan/CPAN/lib/CPAN/Distribution.pm. - debia/patches/CVE-2020-16156-2.patch: add two new failure modes in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-3.patch: use gpg to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in three spots in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-5.patch: disambiguate the call to gpg --output by adding --verify in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-6.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-7.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - CVE-2020-16156 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 05 Oct 2022 07:49:22 -0300
Available diffs
perl (5.34.0-3ubuntu1.1) jammy-security; urgency=medium * SECURITY UPDATE: Signature verification bypass - debian/patches/CVE-2020-16156-1.patch: signature verification type CANNOT_VERIFY was not recognized in cpan/CPAN/lib/CPAN/Distribution.pm. - debia/patches/CVE-2020-16156-2.patch: add two new failure modes in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-3.patch: use gpg to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in three spots in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-5.patch: disambiguate the call to gpg --output by adding --verify in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-6.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - debian/patches/CVE-2020-16156-7.patch: corrects typo in cpan/CPAN/lib/CPAN/Distribution.pm. - CVE-2020-16156 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Oct 2022 15:16:23 -0300
Available diffs
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
perl (5.34.0-5ubuntu1) kinetic; urgency=medium * Merge with Debian; remaining changes: - Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. - Disable the same porting/libperl.t tests on x86*, as on the other Linux architectures.
Available diffs
- diff from 5.34.0-3ubuntu1 to 5.34.0-5ubuntu1 (61.3 KiB)
Superseded in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
perl (5.34.0-3ubuntu1) jammy; urgency=medium * Merge with Debian; remaining changes: - Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. - Disable the same porting/libperl.t tests on x86*, as on the other Linux architectures.
Available diffs
Superseded in jammy-proposed |
perl (5.32.1-6ubuntu1) jammy; urgency=medium * Merge with Debian; remaining changes: - Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. - Disable the same porting/libperl.t tests on x86*, as on the other Linux architectures.
Available diffs
perl (5.32.1-6) unstable; urgency=medium * Add ARC cross build support files from Evgeniy Didin. (Closes: #990305) * Apply upstream patch fixing a regexp memory leak. (Closes: #994834) -- Niko Tyni <email address hidden> Fri, 24 Sep 2021 18:20:33 +0300
Superseded in jammy-release |
Obsolete in impish-release |
Deleted in impish-proposed (Reason: Moved to impish) |
perl (5.32.1-3ubuntu3) impish; urgency=medium * SECURITY UPDATE: Encode library can be made to run arbitrary Perl code from the current working directory - debian/patches/CVE-2021-36770.patch: mitigate @INC pollution when loading ConfigLocal in cpan/Encode/Encode.pm. - CVE-2021-36770 -- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 08:24:15 -0400
Available diffs
perl (5.32.1-3ubuntu2.1) hirsute-security; urgency=medium * SECURITY UPDATE: Encode library can be made to run arbitrary Perl code from the current working directory - debian/patches/CVE-2021-36770.patch: mitigate @INC pollution when loading ConfigLocal in cpan/Encode/Encode.pm. - CVE-2021-36770 -- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 08:24:15 -0400
Available diffs
Superseded in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: Moved to hirsute) |
perl (5.32.1-3ubuntu2) hirsute; urgency=medium * Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. * Disable the same porting/libperl.t tests on x86*, as on the other Linux architectures. -- Matthias Klose <email address hidden> Tue, 23 Mar 2021 17:50:32 +0100
Available diffs
- diff from 5.32.1-2 (in Debian) to 5.32.1-3ubuntu2 (100.0 KiB)
- diff from 5.32.1-3ubuntu1 to 5.32.1-3ubuntu2 (735 bytes)
Superseded in hirsute-proposed |
perl (5.32.1-3ubuntu1) hirsute; urgency=medium * Disable two porting/libperl.t tests, only run on x86*, and only testing the static libperl.a. -- Matthias Klose <email address hidden> Tue, 23 Mar 2021 17:02:20 +0100
Available diffs
perl (5.32.1-3) unstable; urgency=medium * Refresh cross build support files for 5.32.1. (Closes: #983099) + Update source documentation (README.Source, debian/cross/README) with cross build support information. -- Niko Tyni <email address hidden> Thu, 25 Feb 2021 16:52:03 +0200
Available diffs
- diff from 5.32.1-2 to 5.32.1-3 (99.1 KiB)
perl (5.32.1-2) unstable; urgency=medium * Update relations with libmodule-corelist-perl to fix autopkgtest failures (Closes: #981409) * Add Breaks on earlier versions of libdevel-mat-dumper-perl built against earlier versions of perl (Closes: #981493) * Add 5.32.1 to debian/released-versions * Upload to unstable -- Dominic Hargreaves <email address hidden> Mon, 01 Feb 2021 22:44:54 +0000
Available diffs
- diff from 5.32.0-6 to 5.32.1-2 (92.1 KiB)
perl (5.32.0-6) unstable; urgency=medium [ Dominic Hargreaves ] * Update lintian overrides with various severity info and pedantic tags [ Niko Tyni ] * Add patch from Chris Lamb removing traces of the build directory from the binary packages. (Closes: #972559) * Refresh cross build support files. * Make perl Break the old perl-modules-5.24 package. (Closes: #976666) * Add a missing test dependency on dpkg-dev. -- Niko Tyni <email address hidden> Sun, 13 Dec 2020 20:58:36 +0200
Available diffs
- diff from 5.32.0-5 to 5.32.0-6 (110.1 KiB)
perl (5.32.0-5) unstable; urgency=medium [ Dominic Hargreaves ] * Add Breaks on versions of pod2pdf, bucardo, latexml, kio-perldoc which didn't depend on libpod-parser-perl (Closes: #974029) * Add Breaks on libencode-arabic-perl which had an autopkgtest regression with perl 5.32 (Closes: #974170) [ Niko Tyni ] * Update debian/copyright for 5.32.0 proper * Add test dependency on libdpkg-perl * Add Breaks on older versions of libmp3-tag-perl (see #947756) -- Dominic Hargreaves <email address hidden> Sat, 14 Nov 2020 11:19:57 +0000
Available diffs
- diff from 5.30.3-4 to 5.32.0-5 (2.5 MiB)
- diff from 5.32.0-4 to 5.32.0-5 (955 bytes)
perl (5.32.0-4) unstable; urgency=medium * Upload to unstable -- Dominic Hargreaves <email address hidden> Sun, 08 Nov 2020 16:57:57 +0000
perl (5.14.2-6ubuntu2.11) precise-security; urgency=medium [ Marc Deslauriers ] * SECURITY UPDATE: heap buffer overflow in regex compiler - debian/patches/CVE-2020-10543.patch: prevent integer overflow from nested regex quantifiers in regcomp.c. - CVE-2020-10543 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/CVE-2020-10878.patch: extract rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c. - CVE-2020-10878 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/CVE-2020-12723.patch: avoid mutating regexp program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c, t/re/pat.t. - CVE-2020-12723 * debian/patches/fix_test_2020.patch: fix FTBFS caused by test failing in the year 2020 in cpan/Time-Local/t/Local.t. -- <email address hidden> (Leonidas S. Barbosa) Mon, 26 Oct 2020 09:21:23 -0300
Available diffs
perl (5.22.1-9ubuntu0.9) xenial-security; urgency=medium * SECURITY UPDATE: heap buffer overflow in regex compiler - debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow from nested regex quantifiers in regcomp.c. - CVE-2020-10543 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-10878.patch: extract rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c. - CVE-2020-10878 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c, t/re/pat.t. - CVE-2020-12723 * debian/patches/fixes/fix_test_2020.patch: fix FTBFS caused by test failing in the year 2020 in cpan/Time-Local/t/Local.t. -- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:57:56 -0400
perl (5.26.1-6ubuntu0.5) bionic-security; urgency=medium * SECURITY UPDATE: heap buffer overflow in regex compiler - debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow from nested regex quantifiers in regcomp.c. - CVE-2020-10543 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-10878.patch: extract rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c. - CVE-2020-10878 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c, t/re/pat.t. - CVE-2020-12723 * debian/patches/fixes/fix_test_2020.patch: fix FTBFS caused by test failing in the year 2020 in cpan/Time-Local/t/Local.t. -- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:57:24 -0400
perl (5.30.0-9ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: heap buffer overflow in regex compiler - debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow from nested regex quantifiers in regcomp.c. - CVE-2020-10543 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-10878-1.patch: extract rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c. - debian/patches/fixes/CVE-2020-10878-2.patch: use long jumps if there is any possibility of overflow in regcomp.c. - CVE-2020-10878 * SECURITY UPDATE: regex intermediate language state corruption - debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c, t/re/pat.t. - CVE-2020-12723 -- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:56:54 -0400
Available diffs
Superseded in hirsute-release |
Obsolete in groovy-release |
Deleted in groovy-proposed (Reason: moved to Release) |
perl (5.30.3-4) unstable; urgency=medium * Restore earlier behaviour where the shared version of Config.pm had precedence on @INC. This makes perl -V:useshrplib lie again, so that it can be used to check whether a shared libperl is available. Thanks to the PostgreSQL project for early testing. (See #798626) * Refresh cross support files and add support for ia64. -- Niko Tyni <email address hidden> Sun, 07 Jun 2020 10:56:32 +0300
Available diffs
- diff from 5.30.2-1 to 5.30.3-4 (147.6 KiB)
- diff from 5.30.3-3 to 5.30.3-4 (115.8 KiB)
perl (5.30.3-3) unstable; urgency=medium * Move the perl-base specific library path between vendor and core so that the separate libscalar-list-utils-perl package can override the version in perl-base. (See #962138) * Suppress an ExtUtils::MakeMaker warning about our new @INC arrangement. -- Niko Tyni <email address hidden> Sat, 06 Jun 2020 13:33:31 +0300
Available diffs
- diff from 5.30.3-2 to 5.30.3-3 (2.0 KiB)
perl (5.30.3-2) unstable; urgency=medium [ Niko Tyni ] * Fix version parsing logic in a maintainer test. * Move perl-base specific library up on @INC. This eliminates the chance of incompatible libperl5.xx modules overriding the perl-base ones during upgrades and the like. (Closes: #962138) [ Dominic Hargreaves ] * Remove lingering references to old deprecated modules (Closes: #961928) * Fix FTBFS with IPv6-only host (Closes: #962019) -- Dominic Hargreaves <email address hidden> Fri, 05 Jun 2020 00:21:01 +0100
Available diffs
- diff from 5.30.3-1 to 5.30.3-2 (5.1 KiB)
perl (5.30.3-1) unstable; urgency=medium [ Dominic Hargreaves ] * Update perlbug to no longer email deprecated bug address (Closes: #958721) [ Niko Tyni ] * Update the build system to debhelper compatibility level 13. [ Dominic Hargreaves ] * Update to new upstream version (Closes: #962005) + [SECURITY] CVE-2020-10543: Buffer overflow caused by a crafted regular expression + [SECURITY] CVE-2020-10878: Integer overflow via malformed bytecode produced by a crafted regular expression + [SECURITY] CVE-2020-12723: Buffer overflow caused by a crafted regular expression -- Dominic Hargreaves <email address hidden> Mon, 01 Jun 2020 22:23:43 +0100
Available diffs
- diff from 5.30.2-1 to 5.30.3-1 (28.2 KiB)
perl (5.30.2-1) unstable; urgency=medium [ Niko Tyni ] * Convert rt.perl.org links to GitHub issues in patch descriptions. [ Dominic Hargreaves ] * Update to new upstream version 5.30.2. * Fix test failure with certain sbuild configurations (Closes: #930095) -- Dominic Hargreaves <email address hidden> Sun, 17 May 2020 00:19:12 +0100
Available diffs
- diff from 5.30.0-10 to 5.30.2-1 (100.8 KiB)
perl (5.30.0-10) unstable; urgency=medium [ Dominic Hargreaves ] * Suggest libtap-harness-archive-perl for prove --archive (Closes: #947797) [ Niko Tyni ] * Apply upstream patches fixing Configure on GCC 10. (Closes: #957675) * Include commit hashes from upstream GitHub repo in patch descriptions. -- Niko Tyni <email address hidden> Fri, 17 Apr 2020 22:18:51 +0300
Available diffs
Superseded in groovy-release |
Published in focal-release |
Deleted in focal-proposed (Reason: moved to Release) |
perl (5.30.0-9build1) focal; urgency=medium * No-change rebuild to pick up dependency on libcrypt1. -- Matthias Klose <email address hidden> Fri, 06 Mar 2020 22:15:57 +0100
Available diffs
- diff from 5.30.0-9 (in Debian) to 5.30.0-9build1 (344 bytes)
perl (5.30.0-9) unstable; urgency=medium * Improve debian/t/control.t robustness fixing spurious failures when packages are missing from the current archive suite. (Closes: #943380) * Build with TZ=UTC again for reproducibility. (See #791362) * Fix cross builds harder, still due to -Dmksymlinks in 5.30.0-2. * Refresh cross build support files for most architectures. -- Niko Tyni <email address hidden> Sun, 27 Oct 2019 18:52:24 +0200
Available diffs
- diff from 5.30.0-7 to 5.30.0-9 (86.0 KiB)
- diff from 5.30.0-8 to 5.30.0-9 (82.8 KiB)
perl (5.30.0-8) unstable; urgency=medium * Minor fixes prompted by lintian: + remove outdated lintian overrides + outsource parsing debian/changelog to pkg-info.mk in dpkg-dev + move debian/source.lintian-overrides under debian/source + add Build-Depends-Package: libperl-dev to the libperl5.30 symbols file + reorganize debian/copyright a bit to ensure correct file globbing * Move perl-xs-dev Provides to libperl-dev, mark that Multi-Arch: same, and add an unversioned cross-config symlink to the versioned directory in libperl5.30 for easier consumption in depending packages. . Making perl-xs-dev not coinstallable between Perl major versions should keep build dependencies unambiguous. -- Niko Tyni <email address hidden> Sun, 20 Oct 2019 14:51:34 +0300
Available diffs
- diff from 5.30.0-7 to 5.30.0-8 (3.6 KiB)
perl (5.30.0-7) unstable; urgency=medium * Move perl-modules-5.30 to section "libs" to ease future Perl transitions (Closes: #942220) * Make libperl5.30 Provide perl-xs-dev and retire the perl-cross-config virtual package. See the thread around https://lists.debian.org/debian-perl/2019/10/msg00015.html -- Niko Tyni <email address hidden> Tue, 15 Oct 2019 16:35:07 +0300
Available diffs
Superseded in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to Release) |
perl (5.28.1-6build1) eoan; urgency=medium * No-change rebuild. -- Matthias Klose <email address hidden> Wed, 11 Sep 2019 09:02:52 +0200
Available diffs
- diff from 5.28.1-6 (in Debian) to 5.28.1-6build1 (325 bytes)
Superseded in eoan-release |
Obsolete in disco-release |
Deleted in disco-proposed (Reason: moved to release) |
perl (5.28.1-6) unstable; urgency=medium * Fix NDBM autopkgtests by recreating necessary hardlinks at test time (Closes: #925179) * Update patch metadata for the POSIX::mblen() fix. -- Niko Tyni <email address hidden> Sun, 31 Mar 2019 14:51:22 +0300
Available diffs
- diff from 5.28.1-4 to 5.28.1-6 (5.3 KiB)
- diff from 5.28.1-5 to 5.28.1-6 (1.5 KiB)
perl (5.28.1-5) unstable; urgency=medium * Patch perlbug to use "editor" as the default editor. (Closes: #922609) * Add a Breaks entry for older versions of libdist-inkt-perl. (Closes: #924506) * Add a README.Debian note about overriding the default perldoc formatter. (See: #917530) * Include arch-specific data for NDBM and GDBM autopkgtests. (Closes: #923409) * Break older versions of libmarc-charset-perl, broken by libgdbm changes. (Closes: #924719) + Build-Depend on a current libgdbm-dev to guarantee compatibility with the new LFS-enabled database binary format. * Fix crashing POSIX::mblen(). (Closes: #924517) -- Niko Tyni <email address hidden> Sat, 16 Mar 2019 16:02:28 +0200
Available diffs
- diff from 5.28.1-4 to 5.28.1-5 (5.0 KiB)
perl (5.28.1-4) unstable; urgency=medium [ Dominic Hargreaves ] * Include upstream patches fixing piped open (Closes: #916313) [ Niko Tyni ] * Revert to upstream changes for disabling Storable probing. -- Niko Tyni <email address hidden> Sat, 02 Feb 2019 18:30:38 +0200
Available diffs
- diff from 5.28.1-3 to 5.28.1-4 (17.2 KiB)
perl (5.28.1-3) unstable; urgency=low [ Dominic Hargreaves ] * Include upstream patches fixing perl -i (Closes: #914651) [ Niko Tyni ] * Re-adopt versioned Provides for the dual lived modules. (Closes: #758100) + upload with low urgency in the unlikely case that this hits new Debian infrastructure issues like it did in 2017 -- Niko Tyni <email address hidden> Fri, 07 Dec 2018 15:23:05 +0200
Available diffs
- diff from 5.28.0-3 to 5.28.1-3 (223.8 KiB)
- diff from 5.28.1-2 to 5.28.1-3 (14.5 KiB)
perl (5.28.1-2) unstable; urgency=medium [ Dominic Hargreaves ] * Add 5.28.1 to debian/released-versions * Drop incorrect libversion-requirements-perl Provides (Closes: #914809) [ Niko Tyni ] * Add a maintainer / autopkgtest check for debian/released-versions contents. * Apply patch by Bernhard M. Wiedemann fixing Time-Local tests in the year 2020 and onwards. (Closes: #915209) * Fix t/porting/manifest.t failures when run in a git checkout. (Closes: #914962) * Add current data for database and compression autopkgtest checks. * Update cross build support files. * Slightly improve maintainer test stderr handling. * Disable Storable stacksize probing at build time. (Closes: #914133) + apply upstream patches that disable the probing when cross-compiling + amend the cross-compling fix to also look at PERL_STORABLE_DONT_PROBE in the environment, and set that in debian/rules -- Niko Tyni <email address hidden> Mon, 03 Dec 2018 20:24:24 +0200
Available diffs
- diff from 5.28.1-1 to 5.28.1-2 (129.5 KiB)
perl (5.28.1-1) unstable; urgency=high [ Niko Tyni ] * Special case libextutils-parsexs-perl in maintainer / autopkgtest checks (Closes: #914222) * Update patch metadata for patches applied upstream. [ Dominic Hargreaves ] * Include note in README.source about importing new upstream releases. * New upstream release - [SECURITY] CVE-2018-18311: Integer overflow leading to buffer overflow and segmentation fault - [SECURITY] CVE-2018-18312: Heap-buffer-overflow write in S_regatom (regcomp.c) -- Dominic Hargreaves <email address hidden> Thu, 29 Nov 2018 19:17:43 +0000
Available diffs
- diff from 5.28.0-4 to 5.28.1-1 (82.2 KiB)
perl (5.18.2-2ubuntu1.7) trusty-security; urgency=medium * SECURITY UPDATE: Integer overflow leading to buffer overflow - debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in util.c. - CVE-2018-18311 * SECURITY UPDATE: Heap-buffer-overflow read - debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to memchr in regcomp.c. - CVE-2018-18313 -- Marc Deslauriers <email address hidden> Tue, 20 Nov 2018 09:27:15 -0500
Available diffs
perl (5.22.1-9ubuntu0.6) xenial-security; urgency=medium * SECURITY UPDATE: Integer overflow leading to buffer overflow - debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in util.c. - CVE-2018-18311 * SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun - debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c. - CVE-2018-18312 * SECURITY UPDATE: Heap-buffer-overflow read - debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to memchr in regcomp.c. - CVE-2018-18313 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c, t/re/reg_mesg.t, t/re/regex_sets.t. - CVE-2018-18314 -- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 13:29:35 -0500
Available diffs
perl (5.28.0-4) unstable; urgency=medium [ Dominic Hargreaves ] * Add missing test dependency for 'prove' test (Closes: #913096) [ Niko Tyni ] * Make perl Break apt-show-versions (<< 0.22.10) due to Storable changes. (Closes: #913349) * Cherry-pick several upstream fixes: + improve Storable recursion checks (Closes: #912900) + fix $^X when /proc is not mounted (Closes: #913347) + avoid mangling /bin non-perl shebangs on merged-/usr systems (Closes: #913637) * Apply patch from Helmut Grohne making Errno_pm.PL compatible with /usr/include/<ARCH>/errno.h . (Closes: #875921) * Apply patch from James Clarke fixing 'perl -i' functionality on kfreebsd. (See #912521) * Change perl-debug package priority from extra to optional. * Remove unused outdated lintian overrides. * Make perl-base and libperl5.28 Suggest sensible-utils for sensible-pager. (Closes: #914013) -- Niko Tyni <email address hidden> Mon, 19 Nov 2018 20:01:39 +0200
Available diffs
- diff from 5.28.0-3 to 5.28.0-4 (9.4 KiB)
perl (5.26.1-6ubuntu0.3) bionic-security; urgency=medium * SECURITY UPDATE: Integer overflow leading to buffer overflow - debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in util.c. - CVE-2018-18311 * SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun - debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c. - CVE-2018-18312 * SECURITY UPDATE: Heap-buffer-overflow read - debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to memchr in regcomp.c. - CVE-2018-18313 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c, t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t. - CVE-2018-18314 -- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:54:44 -0500
Available diffs
perl (5.26.2-7ubuntu0.1) cosmic-security; urgency=medium * SECURITY UPDATE: Integer overflow leading to buffer overflow - debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in util.c. - CVE-2018-18311 * SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun - debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c. - CVE-2018-18312 * SECURITY UPDATE: Heap-buffer-overflow read - debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to memchr in regcomp.c. - CVE-2018-18313 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c, t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t. - CVE-2018-18314 -- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:05:42 -0500
Available diffs
perl (5.28.0-3) unstable; urgency=medium * Temporarily patch GDBM_File fatal.t for gdbm >= 1.16 compatibility. (Closes: #904005) * Merge 5.26.2-7 from unstable. * Update debian/released-versions to include 5.28.0. * Remove 5.26 specific SIGUNUSED related config.sh fiddling. * Upload to unstable. -- Niko Tyni <email address hidden> Wed, 31 Oct 2018 17:45:10 +0200
Available diffs
- diff from 5.26.2-7 to 5.28.0-3 (4.3 MiB)
Superseded in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
perl (5.26.2-7) unstable; urgency=medium * Temporarily skip GDBM_File fatal.t for gdbm >= 1.15 compatibility. (Closes: #904005) -- Niko Tyni <email address hidden> Sun, 12 Aug 2018 11:26:41 +0300
Available diffs
- diff from 5.26.2-6 to 5.26.2-7 (8.9 KiB)
perl (5.26.1-6ubuntu0.2) bionic; urgency=high * No change rebuild to fix LP: #1574351 -- Balint Reczey <email address hidden> Wed, 18 Jul 2018 16:21:03 +0200
Available diffs
perl (5.26.1-6ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Directory traversal vulnerability - debian/patches/fixes/CVE-2018-12015.patch: fix ing cpan/Archive-Tar/lib/Archive/Tar.pm. - CVE-2018-12015 -- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:32:02 -0300
Available diffs
perl (5.26.0-8ubuntu1.2) artful-security; urgency=medium * SECURITY UPDATE: Directory traversal vulnerability - debian/patches/fixes/CVE-2018-12015.patch: fix ing cpan/Archive-Tar/lib/Archive/Tar.pm. - CVE-2018-12015 -- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:28:18 -0300
Available diffs
perl (5.18.2-2ubuntu1.6) trusty-security; urgency=medium * SECURITY UPDATE: Directory traversal vulnerability - debian/patches/fixes/CVE-2018-12015.patch: fix ing cpan/Archive-Tar/lib/Archive/Tar.pm. - CVE-2018-12015 -- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 17:00:53 -0300
Available diffs
perl (5.22.1-9ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: Directory traversal vulnerability - debian/patches/fixes/CVE-2018-12015.patch: fix ing cpan/Archive-Tar/lib/Archive/Tar.pm. - CVE-2018-12015 -- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:30:44 -0300
Available diffs
1 → 75 of 246 results | First • Previous • Next • Last |