Change log for perl package in Ubuntu
| 1 → 75 of 246 results | First • Previous • Next • Last |
perl (5.38.2-4) unstable; urgency=medium * Import t64 NMUs. * Fix autopkgtest regression caused by the NMUs. (Closes: #1068934) -- Niko Tyni <email address hidden> Sat, 27 Apr 2024 18:32:01 +0300
Available diffs
- diff from 5.38.2-3.2build2 (in Ubuntu) to 5.38.2-4 (1023 bytes)
| Superseded in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
perl (5.38.2-3.2build2) noble; urgency=medium * No-change rebuild for time_t transition. -- Sergio Durigan Junior <email address hidden> Fri, 05 Apr 2024 15:57:12 -0400
Available diffs
- diff from 5.38.2-3.2build1 to 5.38.2-3.2build2 (321 bytes)
perl (5.38.2-3.2build1) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 08:13:57 +0000
Available diffs
perl (5.38.2-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix check for i386 to avoid transitioning there. Closes: #1065483.
* Manually add perlapi-5.38.2t64 to Provides: on i386 to avoid another
difficult transition.
-- Steve Langasek <email address hidden> Wed, 06 Mar 2024 17:19:01 +0000
Available diffs
- diff from 5.38.2-3 to 5.38.2-3.2 (16.9 KiB)
- diff from 5.38.2-3ubuntu1 (in Ubuntu) to 5.38.2-3.2 (17.2 KiB)
| Superseded in noble-proposed |
perl (5.38.2-3ubuntu1) noble; urgency=medium * debian/rules: Use t64 perl ABI on 32-bit architectures -- Julian Andres Klode <email address hidden> Thu, 29 Feb 2024 10:06:01 +0100
Available diffs
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
perl (5.38.2-3) unstable; urgency=medium * Unbreak locale initialization when embedding perl. (Closes: #1060456) -- Niko Tyni <email address hidden> Fri, 12 Jan 2024 18:16:08 +0200
Available diffs
- diff from 5.36.0-10ubuntu1 (in Ubuntu) to 5.38.2-3 (3.2 MiB)
- diff from 5.38.2-2 to 5.38.2-3 (1.0 KiB)
perl (5.38.2-2) unstable; urgency=medium
* Update copyright file for the superfast hash algorithm removal.
Thanks to Milton Moura. (Closes: #1054457)
* Add 5.38.2 to debian/released-versions.
* Upload to unstable.
-- Niko Tyni <email address hidden> Tue, 09 Jan 2024 22:05:06 +0200
Available diffs
perl (5.36.0-10ubuntu1) noble; urgency=medium
* Merge with Debian; remaining changes:
- Fix for CVE-2023-31484.
Available diffs
perl (5.30.0-9ubuntu0.5) focal-security; urgency=medium
* SECURITY UPDATE: heap overflow via regular expression
- debian/patches/CVE-2023-47038.patch: fix read/write past buffer end
in regcomp.c, t/re/pat_advanced.t.
- CVE-2023-47038
-- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 10:02:19 -0500
Available diffs
perl (5.34.0-3ubuntu1.3) jammy-security; urgency=medium
* SECURITY UPDATE: heap overflow via regular expression
- debian/patches/CVE-2023-47038.patch: fix read/write past buffer end
in regcomp.c, t/re/pat_advanced.t.
- CVE-2023-47038
* SECURITY UPDATE: infinite recursion via warning message printing
- debian/patches/CVE-2022-48522.patch: fix warning handling in sv.c,
t/lib/warnings/sv.
- CVE-2022-48522
-- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:56:46 -0500
Available diffs
perl (5.36.0-7ubuntu0.23.04.2) lunar-security; urgency=medium
* SECURITY UPDATE: heap overflow via regular expression
- debian/patches/CVE-2023-47038.patch: fix read/write past buffer end
in regcomp.c, t/re/pat_advanced.t.
- CVE-2023-47038
-- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:55:20 -0500
perl (5.36.0-9ubuntu1.1) mantic-security; urgency=medium
* SECURITY UPDATE: heap overflow via regular expression
- debian/patches/CVE-2023-47038.patch: fix read/write past buffer end
in regcomp.c, t/re/pat_advanced.t.
- CVE-2023-47038
-- Marc Deslauriers <email address hidden> Thu, 23 Nov 2023 09:53:16 -0500
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
perl (5.36.0-9ubuntu1) mantic; urgency=medium
* Merge with Debian; remaining changes:
- Fix for CVE-2023-31484.
Available diffs
- diff from 5.36.0-7ubuntu1 to 5.36.0-9ubuntu1 (14.6 KiB)
- diff from 5.36.0-7ubuntu3 to 5.36.0-9ubuntu1 (15.7 KiB)
| Superseded in mantic-proposed |
perl (5.36.0-7ubuntu3) mantic; urgency=medium
* Unconditionally use Perl_my_strlcat and Perl_my_strlcpy to avoid
an ABI break with glibc 2.38 (can be dropped with perl 5.38).
-- Matthias Klose <email address hidden> Thu, 07 Sep 2023 08:58:55 +0200
Available diffs
- diff from 5.36.0-7ubuntu2 to 5.36.0-7ubuntu3 (913 bytes)
| Superseded in mantic-proposed |
perl (5.36.0-7ubuntu2) mantic; urgency=medium
* Unconditionally use Perl_my_strlcat and Perl_my_strlcpy to avoid
an ABI break with glibc 2.38 (can be dropped with perl 5.38).
-- Matthias Klose <email address hidden> Thu, 07 Sep 2023 08:58:55 +0200
Available diffs
perl (5.36.0-7ubuntu1) mantic; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:20:48 -0300
Available diffs
perl (5.36.0-7ubuntu0.23.04.1) lunar-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:19:09 -0300
Available diffs
perl (5.34.0-5ubuntu1.2) kinetic-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:18:57 -0300
Available diffs
- diff from 5.34.0-5ubuntu1.1 to 5.34.0-5ubuntu1.2 (882 bytes)
perl (5.34.0-3ubuntu1.2) jammy-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:18:13 -0300
Available diffs
- diff from 5.34.0-3ubuntu1.1 to 5.34.0-3ubuntu1.2 (884 bytes)
perl (5.30.0-9ubuntu0.4) focal-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
* debian/patches/fix-ext-POSIX-t-mb-test.patch: fix edge case test failure
in ext/POSIX/t/mb.t.
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:17:48 -0300
Available diffs
perl (5.26.1-6ubuntu0.7) bionic-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:17:19 -0300
Available diffs
- diff from 5.26.1-6ubuntu0.6 to 5.26.1-6ubuntu0.7 (881 bytes)
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
perl (5.36.0-7) unstable; urgency=medium
* Break backuppc (<< 4.4.0-7~) due to Data::Dumper changes in 5.36
(Closes: #1026270)
-- Niko Tyni <email address hidden> Sun, 08 Jan 2023 23:28:47 +0200
Available diffs
- diff from 5.36.0-4ubuntu2 (in Ubuntu) to 5.36.0-7 (56.4 KiB)
- diff from 5.36.0-6 to 5.36.0-7 (476 bytes)
perl (5.36.0-6) unstable; urgency=medium * Break duck (<< 0.14.1) due to #1025722 -- Niko Tyni <email address hidden> Sat, 10 Dec 2022 10:15:23 +0200
Available diffs
perl (5.34.0-5ubuntu1.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Oct 2022 09:36:22 -0300
Available diffs
perl (5.36.0-4ubuntu2) lunar; urgency=medium * Rebuild against new perlapi-5.36. -- Gianfranco Costamagna <email address hidden> Fri, 04 Nov 2022 12:18:03 +0100
Available diffs
| Superseded in lunar-proposed |
perl (5.36.0-4ubuntu1) lunar; urgency=low
* Merge from Debian unstable. Remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
Available diffs
perl (5.30.0-9ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 05 Oct 2022 07:27:25 -0300
Available diffs
perl (5.26.1-6ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 05 Oct 2022 07:49:22 -0300
Available diffs
perl (5.34.0-3ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Oct 2022 15:16:23 -0300
Available diffs
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
perl (5.34.0-5ubuntu1) kinetic; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
Available diffs
- diff from 5.34.0-3ubuntu1 to 5.34.0-5ubuntu1 (61.3 KiB)
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
perl (5.34.0-3ubuntu1) jammy; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
Available diffs
| Superseded in jammy-proposed |
perl (5.32.1-6ubuntu1) jammy; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
Available diffs
perl (5.32.1-6) unstable; urgency=medium * Add ARC cross build support files from Evgeniy Didin. (Closes: #990305) * Apply upstream patch fixing a regexp memory leak. (Closes: #994834) -- Niko Tyni <email address hidden> Fri, 24 Sep 2021 18:20:33 +0300
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
perl (5.32.1-3ubuntu3) impish; urgency=medium
* SECURITY UPDATE: Encode library can be made to run arbitrary Perl code
from the current working directory
- debian/patches/CVE-2021-36770.patch: mitigate @INC pollution when
loading ConfigLocal in cpan/Encode/Encode.pm.
- CVE-2021-36770
-- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 08:24:15 -0400
Available diffs
perl (5.32.1-3ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Encode library can be made to run arbitrary Perl code
from the current working directory
- debian/patches/CVE-2021-36770.patch: mitigate @INC pollution when
loading ConfigLocal in cpan/Encode/Encode.pm.
- CVE-2021-36770
-- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 08:24:15 -0400
Available diffs
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: Moved to hirsute) |
perl (5.32.1-3ubuntu2) hirsute; urgency=medium
* Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
* Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
-- Matthias Klose <email address hidden> Tue, 23 Mar 2021 17:50:32 +0100
Available diffs
- diff from 5.32.1-2 (in Debian) to 5.32.1-3ubuntu2 (100.0 KiB)
- diff from 5.32.1-3ubuntu1 to 5.32.1-3ubuntu2 (735 bytes)
| Superseded in hirsute-proposed |
perl (5.32.1-3ubuntu1) hirsute; urgency=medium
* Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
-- Matthias Klose <email address hidden> Tue, 23 Mar 2021 17:02:20 +0100
Available diffs
perl (5.32.1-3) unstable; urgency=medium
* Refresh cross build support files for 5.32.1. (Closes: #983099)
+ Update source documentation (README.Source, debian/cross/README)
with cross build support information.
-- Niko Tyni <email address hidden> Thu, 25 Feb 2021 16:52:03 +0200
Available diffs
- diff from 5.32.1-2 to 5.32.1-3 (99.1 KiB)
perl (5.32.1-2) unstable; urgency=medium
* Update relations with libmodule-corelist-perl to fix autopkgtest
failures (Closes: #981409)
* Add Breaks on earlier versions of libdevel-mat-dumper-perl built
against earlier versions of perl (Closes: #981493)
* Add 5.32.1 to debian/released-versions
* Upload to unstable
-- Dominic Hargreaves <email address hidden> Mon, 01 Feb 2021 22:44:54 +0000
Available diffs
- diff from 5.32.0-6 to 5.32.1-2 (92.1 KiB)
perl (5.32.0-6) unstable; urgency=medium
[ Dominic Hargreaves ]
* Update lintian overrides with various severity info and pedantic
tags
[ Niko Tyni ]
* Add patch from Chris Lamb removing traces of the build directory from
the binary packages. (Closes: #972559)
* Refresh cross build support files.
* Make perl Break the old perl-modules-5.24 package. (Closes: #976666)
* Add a missing test dependency on dpkg-dev.
-- Niko Tyni <email address hidden> Sun, 13 Dec 2020 20:58:36 +0200
Available diffs
- diff from 5.32.0-5 to 5.32.0-6 (110.1 KiB)
perl (5.32.0-5) unstable; urgency=medium
[ Dominic Hargreaves ]
* Add Breaks on versions of pod2pdf, bucardo, latexml, kio-perldoc
which didn't depend on libpod-parser-perl (Closes: #974029)
* Add Breaks on libencode-arabic-perl which had an autopkgtest
regression with perl 5.32 (Closes: #974170)
[ Niko Tyni ]
* Update debian/copyright for 5.32.0 proper
* Add test dependency on libdpkg-perl
* Add Breaks on older versions of libmp3-tag-perl (see #947756)
-- Dominic Hargreaves <email address hidden> Sat, 14 Nov 2020 11:19:57 +0000
Available diffs
- diff from 5.30.3-4 to 5.32.0-5 (2.5 MiB)
- diff from 5.32.0-4 to 5.32.0-5 (955 bytes)
perl (5.32.0-4) unstable; urgency=medium * Upload to unstable -- Dominic Hargreaves <email address hidden> Sun, 08 Nov 2020 16:57:57 +0000
perl (5.14.2-6ubuntu2.11) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/CVE-2020-10878.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
* debian/patches/fix_test_2020.patch: fix FTBFS caused by test
failing in the year 2020 in cpan/Time-Local/t/Local.t.
-- <email address hidden> (Leonidas S. Barbosa) Mon, 26 Oct 2020 09:21:23 -0300
Available diffs
perl (5.22.1-9ubuntu0.9) xenial-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-10878.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
* debian/patches/fixes/fix_test_2020.patch: fix FTBFS caused by test
failing in the year 2020 in cpan/Time-Local/t/Local.t.
-- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:57:56 -0400
perl (5.26.1-6ubuntu0.5) bionic-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-10878.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
* debian/patches/fixes/fix_test_2020.patch: fix FTBFS caused by test
failing in the year 2020 in cpan/Time-Local/t/Local.t.
-- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:57:24 -0400
perl (5.30.0-9ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/fixes/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-10878-1.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- debian/patches/fixes/CVE-2020-10878-2.patch: use long jumps if there
is any possibility of overflow in regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/fixes/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
-- Marc Deslauriers <email address hidden> Mon, 19 Oct 2020 06:56:54 -0400
Available diffs
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
perl (5.30.3-4) unstable; urgency=medium
* Restore earlier behaviour where the shared version of Config.pm
had precedence on @INC. This makes perl -V:useshrplib lie again,
so that it can be used to check whether a shared libperl is
available. Thanks to the PostgreSQL project for early testing.
(See #798626)
* Refresh cross support files and add support for ia64.
-- Niko Tyni <email address hidden> Sun, 07 Jun 2020 10:56:32 +0300
Available diffs
- diff from 5.30.2-1 to 5.30.3-4 (147.6 KiB)
- diff from 5.30.3-3 to 5.30.3-4 (115.8 KiB)
perl (5.30.3-3) unstable; urgency=medium
* Move the perl-base specific library path between vendor and core so
that the separate libscalar-list-utils-perl package can override the
version in perl-base. (See #962138)
* Suppress an ExtUtils::MakeMaker warning about our new @INC arrangement.
-- Niko Tyni <email address hidden> Sat, 06 Jun 2020 13:33:31 +0300
Available diffs
- diff from 5.30.3-2 to 5.30.3-3 (2.0 KiB)
perl (5.30.3-2) unstable; urgency=medium
[ Niko Tyni ]
* Fix version parsing logic in a maintainer test.
* Move perl-base specific library up on @INC. This eliminates the
chance of incompatible libperl5.xx modules overriding the perl-base
ones during upgrades and the like. (Closes: #962138)
[ Dominic Hargreaves ]
* Remove lingering references to old deprecated modules (Closes: #961928)
* Fix FTBFS with IPv6-only host (Closes: #962019)
-- Dominic Hargreaves <email address hidden> Fri, 05 Jun 2020 00:21:01 +0100
Available diffs
- diff from 5.30.3-1 to 5.30.3-2 (5.1 KiB)
perl (5.30.3-1) unstable; urgency=medium
[ Dominic Hargreaves ]
* Update perlbug to no longer email deprecated bug address
(Closes: #958721)
[ Niko Tyni ]
* Update the build system to debhelper compatibility level 13.
[ Dominic Hargreaves ]
* Update to new upstream version (Closes: #962005)
+ [SECURITY] CVE-2020-10543: Buffer overflow caused by a crafted
regular expression
+ [SECURITY] CVE-2020-10878: Integer overflow via malformed bytecode
produced by a crafted regular expression
+ [SECURITY] CVE-2020-12723: Buffer overflow caused by a crafted
regular expression
-- Dominic Hargreaves <email address hidden> Mon, 01 Jun 2020 22:23:43 +0100
Available diffs
- diff from 5.30.2-1 to 5.30.3-1 (28.2 KiB)
perl (5.30.2-1) unstable; urgency=medium [ Niko Tyni ] * Convert rt.perl.org links to GitHub issues in patch descriptions. [ Dominic Hargreaves ] * Update to new upstream version 5.30.2. * Fix test failure with certain sbuild configurations (Closes: #930095) -- Dominic Hargreaves <email address hidden> Sun, 17 May 2020 00:19:12 +0100
Available diffs
- diff from 5.30.0-10 to 5.30.2-1 (100.8 KiB)
perl (5.30.0-10) unstable; urgency=medium
[ Dominic Hargreaves ]
* Suggest libtap-harness-archive-perl for prove --archive
(Closes: #947797)
[ Niko Tyni ]
* Apply upstream patches fixing Configure on GCC 10. (Closes: #957675)
* Include commit hashes from upstream GitHub repo in patch descriptions.
-- Niko Tyni <email address hidden> Fri, 17 Apr 2020 22:18:51 +0300
Available diffs
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
perl (5.30.0-9build1) focal; urgency=medium * No-change rebuild to pick up dependency on libcrypt1. -- Matthias Klose <email address hidden> Fri, 06 Mar 2020 22:15:57 +0100
Available diffs
- diff from 5.30.0-9 (in Debian) to 5.30.0-9build1 (344 bytes)
perl (5.30.0-9) unstable; urgency=medium
* Improve debian/t/control.t robustness fixing spurious failures
when packages are missing from the current archive suite.
(Closes: #943380)
* Build with TZ=UTC again for reproducibility. (See #791362)
* Fix cross builds harder, still due to -Dmksymlinks in 5.30.0-2.
* Refresh cross build support files for most architectures.
-- Niko Tyni <email address hidden> Sun, 27 Oct 2019 18:52:24 +0200
Available diffs
- diff from 5.30.0-7 to 5.30.0-9 (86.0 KiB)
- diff from 5.30.0-8 to 5.30.0-9 (82.8 KiB)
perl (5.30.0-8) unstable; urgency=medium
* Minor fixes prompted by lintian:
+ remove outdated lintian overrides
+ outsource parsing debian/changelog to pkg-info.mk in dpkg-dev
+ move debian/source.lintian-overrides under debian/source
+ add Build-Depends-Package: libperl-dev to the libperl5.30 symbols file
+ reorganize debian/copyright a bit to ensure correct file globbing
* Move perl-xs-dev Provides to libperl-dev, mark that Multi-Arch:
same, and add an unversioned cross-config symlink to the versioned
directory in libperl5.30 for easier consumption in depending packages.
.
Making perl-xs-dev not coinstallable between Perl major versions
should keep build dependencies unambiguous.
-- Niko Tyni <email address hidden> Sun, 20 Oct 2019 14:51:34 +0300
Available diffs
- diff from 5.30.0-7 to 5.30.0-8 (3.6 KiB)
perl (5.30.0-7) unstable; urgency=medium
* Move perl-modules-5.30 to section "libs" to ease future Perl
transitions (Closes: #942220)
* Make libperl5.30 Provide perl-xs-dev and retire the
perl-cross-config virtual package. See the thread around
https://lists.debian.org/debian-perl/2019/10/msg00015.html
-- Niko Tyni <email address hidden> Tue, 15 Oct 2019 16:35:07 +0300
Available diffs
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to Release) |
perl (5.28.1-6build1) eoan; urgency=medium * No-change rebuild. -- Matthias Klose <email address hidden> Wed, 11 Sep 2019 09:02:52 +0200
Available diffs
- diff from 5.28.1-6 (in Debian) to 5.28.1-6build1 (325 bytes)
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
perl (5.28.1-6) unstable; urgency=medium
* Fix NDBM autopkgtests by recreating necessary hardlinks at test time
(Closes: #925179)
* Update patch metadata for the POSIX::mblen() fix.
-- Niko Tyni <email address hidden> Sun, 31 Mar 2019 14:51:22 +0300
Available diffs
- diff from 5.28.1-4 to 5.28.1-6 (5.3 KiB)
- diff from 5.28.1-5 to 5.28.1-6 (1.5 KiB)
perl (5.28.1-5) unstable; urgency=medium
* Patch perlbug to use "editor" as the default editor. (Closes: #922609)
* Add a Breaks entry for older versions of libdist-inkt-perl.
(Closes: #924506)
* Add a README.Debian note about overriding the default perldoc formatter.
(See: #917530)
* Include arch-specific data for NDBM and GDBM autopkgtests.
(Closes: #923409)
* Break older versions of libmarc-charset-perl, broken by libgdbm changes.
(Closes: #924719)
+ Build-Depend on a current libgdbm-dev to guarantee compatibility
with the new LFS-enabled database binary format.
* Fix crashing POSIX::mblen(). (Closes: #924517)
-- Niko Tyni <email address hidden> Sat, 16 Mar 2019 16:02:28 +0200
Available diffs
- diff from 5.28.1-4 to 5.28.1-5 (5.0 KiB)
perl (5.28.1-4) unstable; urgency=medium [ Dominic Hargreaves ] * Include upstream patches fixing piped open (Closes: #916313) [ Niko Tyni ] * Revert to upstream changes for disabling Storable probing. -- Niko Tyni <email address hidden> Sat, 02 Feb 2019 18:30:38 +0200
Available diffs
- diff from 5.28.1-3 to 5.28.1-4 (17.2 KiB)
perl (5.28.1-3) unstable; urgency=low
[ Dominic Hargreaves ]
* Include upstream patches fixing perl -i (Closes: #914651)
[ Niko Tyni ]
* Re-adopt versioned Provides for the dual lived modules.
(Closes: #758100)
+ upload with low urgency in the unlikely case that this hits
new Debian infrastructure issues like it did in 2017
-- Niko Tyni <email address hidden> Fri, 07 Dec 2018 15:23:05 +0200
Available diffs
- diff from 5.28.0-3 to 5.28.1-3 (223.8 KiB)
- diff from 5.28.1-2 to 5.28.1-3 (14.5 KiB)
perl (5.28.1-2) unstable; urgency=medium
[ Dominic Hargreaves ]
* Add 5.28.1 to debian/released-versions
* Drop incorrect libversion-requirements-perl Provides (Closes: #914809)
[ Niko Tyni ]
* Add a maintainer / autopkgtest check for debian/released-versions
contents.
* Apply patch by Bernhard M. Wiedemann fixing Time-Local tests in the
year 2020 and onwards. (Closes: #915209)
* Fix t/porting/manifest.t failures when run in a git checkout.
(Closes: #914962)
* Add current data for database and compression autopkgtest checks.
* Update cross build support files.
* Slightly improve maintainer test stderr handling.
* Disable Storable stacksize probing at build time. (Closes: #914133)
+ apply upstream patches that disable the probing when cross-compiling
+ amend the cross-compling fix to also look at PERL_STORABLE_DONT_PROBE
in the environment, and set that in debian/rules
-- Niko Tyni <email address hidden> Mon, 03 Dec 2018 20:24:24 +0200
Available diffs
- diff from 5.28.1-1 to 5.28.1-2 (129.5 KiB)
perl (5.28.1-1) unstable; urgency=high
[ Niko Tyni ]
* Special case libextutils-parsexs-perl in maintainer / autopkgtest
checks (Closes: #914222)
* Update patch metadata for patches applied upstream.
[ Dominic Hargreaves ]
* Include note in README.source about importing new upstream releases.
* New upstream release
- [SECURITY] CVE-2018-18311: Integer overflow leading to buffer
overflow and segmentation fault
- [SECURITY] CVE-2018-18312: Heap-buffer-overflow write in S_regatom
(regcomp.c)
-- Dominic Hargreaves <email address hidden> Thu, 29 Nov 2018 19:17:43 +0000
Available diffs
- diff from 5.28.0-4 to 5.28.1-1 (82.2 KiB)
perl (5.18.2-2ubuntu1.7) trusty-security; urgency=medium
* SECURITY UPDATE: Integer overflow leading to buffer overflow
- debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
util.c.
- CVE-2018-18311
* SECURITY UPDATE: Heap-buffer-overflow read
- debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
memchr in regcomp.c.
- CVE-2018-18313
-- Marc Deslauriers <email address hidden> Tue, 20 Nov 2018 09:27:15 -0500
Available diffs
perl (5.22.1-9ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: Integer overflow leading to buffer overflow
- debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
util.c.
- CVE-2018-18311
* SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun
- debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c.
- CVE-2018-18312
* SECURITY UPDATE: Heap-buffer-overflow read
- debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
memchr in regcomp.c.
- CVE-2018-18313
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
t/re/reg_mesg.t, t/re/regex_sets.t.
- CVE-2018-18314
-- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 13:29:35 -0500
Available diffs
perl (5.28.0-4) unstable; urgency=medium
[ Dominic Hargreaves ]
* Add missing test dependency for 'prove' test (Closes: #913096)
[ Niko Tyni ]
* Make perl Break apt-show-versions (<< 0.22.10) due to Storable
changes. (Closes: #913349)
* Cherry-pick several upstream fixes:
+ improve Storable recursion checks (Closes: #912900)
+ fix $^X when /proc is not mounted (Closes: #913347)
+ avoid mangling /bin non-perl shebangs on merged-/usr systems
(Closes: #913637)
* Apply patch from Helmut Grohne making Errno_pm.PL compatible with
/usr/include/<ARCH>/errno.h . (Closes: #875921)
* Apply patch from James Clarke fixing 'perl -i' functionality
on kfreebsd. (See #912521)
* Change perl-debug package priority from extra to optional.
* Remove unused outdated lintian overrides.
* Make perl-base and libperl5.28 Suggest sensible-utils for
sensible-pager. (Closes: #914013)
-- Niko Tyni <email address hidden> Mon, 19 Nov 2018 20:01:39 +0200
Available diffs
- diff from 5.28.0-3 to 5.28.0-4 (9.4 KiB)
perl (5.26.1-6ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: Integer overflow leading to buffer overflow
- debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
util.c.
- CVE-2018-18311
* SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun
- debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c.
- CVE-2018-18312
* SECURITY UPDATE: Heap-buffer-overflow read
- debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
memchr in regcomp.c.
- CVE-2018-18313
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t.
- CVE-2018-18314
-- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:54:44 -0500
Available diffs
perl (5.26.2-7ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Integer overflow leading to buffer overflow
- debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
util.c.
- CVE-2018-18311
* SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun
- debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c.
- CVE-2018-18312
* SECURITY UPDATE: Heap-buffer-overflow read
- debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
memchr in regcomp.c.
- CVE-2018-18313
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t.
- CVE-2018-18314
-- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:05:42 -0500
Available diffs
perl (5.28.0-3) unstable; urgency=medium
* Temporarily patch GDBM_File fatal.t for gdbm >= 1.16 compatibility.
(Closes: #904005)
* Merge 5.26.2-7 from unstable.
* Update debian/released-versions to include 5.28.0.
* Remove 5.26 specific SIGUNUSED related config.sh fiddling.
* Upload to unstable.
-- Niko Tyni <email address hidden> Wed, 31 Oct 2018 17:45:10 +0200
Available diffs
- diff from 5.26.2-7 to 5.28.0-3 (4.3 MiB)
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
perl (5.26.2-7) unstable; urgency=medium
* Temporarily skip GDBM_File fatal.t for gdbm >= 1.15 compatibility.
(Closes: #904005)
-- Niko Tyni <email address hidden> Sun, 12 Aug 2018 11:26:41 +0300
Available diffs
- diff from 5.26.2-6 to 5.26.2-7 (8.9 KiB)
perl (5.26.1-6ubuntu0.2) bionic; urgency=high * No change rebuild to fix LP: #1574351 -- Balint Reczey <email address hidden> Wed, 18 Jul 2018 16:21:03 +0200
Available diffs
perl (5.26.1-6ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability
- debian/patches/fixes/CVE-2018-12015.patch: fix ing
cpan/Archive-Tar/lib/Archive/Tar.pm.
- CVE-2018-12015
-- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:32:02 -0300
Available diffs
perl (5.26.0-8ubuntu1.2) artful-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability
- debian/patches/fixes/CVE-2018-12015.patch: fix ing
cpan/Archive-Tar/lib/Archive/Tar.pm.
- CVE-2018-12015
-- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:28:18 -0300
Available diffs
perl (5.18.2-2ubuntu1.6) trusty-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability
- debian/patches/fixes/CVE-2018-12015.patch: fix ing
cpan/Archive-Tar/lib/Archive/Tar.pm.
- CVE-2018-12015
-- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 17:00:53 -0300
Available diffs
perl (5.22.1-9ubuntu0.5) xenial-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability
- debian/patches/fixes/CVE-2018-12015.patch: fix ing
cpan/Archive-Tar/lib/Archive/Tar.pm.
- CVE-2018-12015
-- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:30:44 -0300
Available diffs
| 1 → 75 of 246 results | First • Previous • Next • Last |
