Change log for perl package in Ubuntu
| 76 → 150 of 247 results | First • Previous • Next • Last |
perl (5.22.1-9ubuntu0.5) xenial-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability
- debian/patches/fixes/CVE-2018-12015.patch: fix ing
cpan/Archive-Tar/lib/Archive/Tar.pm.
- CVE-2018-12015
-- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:30:44 -0300
Available diffs
perl (5.26.2-6) unstable; urgency=high
* [SECURITY] CVE-2018-12015: fix directory traversal vulnerability
in Archive-Tar (Closes: #900834)
-- Dominic Hargreaves <email address hidden> Sat, 09 Jun 2018 13:38:44 +0100
Available diffs
- diff from 5.26.1-6 to 5.26.2-6 (241.7 KiB)
- diff from 5.26.2-5 to 5.26.2-6 (9.1 KiB)
perl (5.26.2-5) unstable; urgency=medium
[ Dominic Hargreaves ]
* Remove Breaks and Conflicts entries relating to packages which were
fixed in oldstable or before
[ Niko Tyni ]
* autopkgtest improvements:
+ add a missing Testsuite header
+ run a syntax check on (almost) all the Perl modules we ship
+ verify that perl-base stays self contained
* Move Provides entries from libperl5.26 and perl-modules-5.26 to perl.
(Closes: #899110)
-- Niko Tyni <email address hidden> Sat, 19 May 2018 19:05:17 +0300
Available diffs
- diff from 5.26.2-4 to 5.26.2-5 (3.1 KiB)
perl (5.26.2-4) unstable; urgency=medium * Add cross build support files for riscv64. * Add Breaks/Replaces/Provides for libb-debug-perl. * Add rudimentary autopkgtest regression checks. (Closes: #782760) -- Niko Tyni <email address hidden> Fri, 18 May 2018 17:13:34 +0300
Available diffs
- diff from 5.26.2-3 to 5.26.2-4 (15.9 KiB)
perl (5.26.2-3) unstable; urgency=medium
[ Dominic Hargreaves ]
* Update Vcs-* fields to point to salsa
[ Niko Tyni ]
* Refresh cross build support files for most Debian architectures.
(Closes: #895992)
* Increase test timeout of t/re/fold_grind.t on riscv64.
(Closes: #896827)
-- Niko Tyni <email address hidden> Wed, 25 Apr 2018 19:55:24 +0300
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
perl (5.26.1-6) unstable; urgency=high
* [SECURITY] CVE-2018-6797: buffer overflow related to regex
unicode semantics.
* [SECURITY] CVE-2018-6798: heap buffer overflow when matching
malformed UTF-8 characters.
* [SECURITY] CVE-2018-6913: heap buffer overflow with large data blocks.
-- Niko Tyni <email address hidden> Sat, 10 Mar 2018 20:40:42 +0200
Available diffs
- diff from 5.26.1-5 to 5.26.1-6 (7.5 KiB)
perl (5.26.0-8ubuntu1.1) artful-security; urgency=medium
* SECURITY UPDATE: heap write overflow bug
- debian/patches/fixes/CVE-2018-6797.patch: restart a node if we change
to uni rules within the node and encounter a sharp S in regcomp.c.
- CVE-2018-6797
* SECURITY UPDATE: heap read overflow bug
- debian/patches/fixes/CVE-2018-6798-1.patch: check lengths in
regexec.c, t/lib/warnings/regexec.
- debian/patches/fixes/CVE-2018-6798-2.patch: account for non-utf8
target in regexec.c, t/re/re_tests.
- debian/patches/fixes/CVE-2018-6798-3.patch: no longer warns in
t/lib/warnings/regexec.
- debian/patches/fixes/CVE-2018-6798-4.patch: don't dump malformation
past first NUL in utf8.c.
- CVE-2018-6798
* SECURITY UPDATE: heap buffer overflow bug
- debian/patches/fixes/CVE-2018-6913.patch: fix various space
calculation issues in pp_pack.c, t/op/pack.t.
- CVE-2018-6913
-- Marc Deslauriers <email address hidden> Thu, 05 Apr 2018 08:23:57 -0400
Available diffs
perl (5.22.1-9ubuntu0.3) xenial-security; urgency=medium
* SECURITY UPDATE: arbitrary code exec via library in cwd
- debian/patches/fixes/CVE-2016-6185.patch: properly handle paths in
dist/XSLoader/XSLoader_pm.PL, dist/XSLoader/t/XSLoader.t.
- CVE-2016-6185
* SECURITY UPDATE: race condition in rmtree and remove_tree
- debian/patches/fixes/CVE-2017-6512-pre.patch: correct the order of
tests of chmod() in cpan/ExtUtils-Command/t/eu_command.t.
- debian/patches/fixes/CVE-2017-6512.patch: prevent race in
cpan/File-Path/lib/File/Path.pm, cpan/File-Path/t/Path.t.
- CVE-2017-6512
* SECURITY UPDATE: heap write overflow bug
- debian/patches/fixes/CVE-2018-6797.patch: restart a node if we change
to uni rules within the node and encounter a sharp S in regcomp.c.
- CVE-2018-6797
* SECURITY UPDATE: heap read overflow bug
- debian/patches/fixes/CVE-2018-6798-1.patch: check lengths in
regexec.c, t/lib/warnings/regexec.
- debian/patches/fixes/CVE-2018-6798-2.patch: account for non-utf8
target in regexec.c, t/re/re_tests.
- debian/patches/fixes/CVE-2018-6798-3.patch: no longer warns in
t/lib/warnings/regexec.
- CVE-2018-6798
* SECURITY UPDATE: heap buffer overflow bug
- debian/patches/fixes/CVE-2018-6913.patch: fix various space
calculation issues in pp_pack.c, t/op/pack.t.
- CVE-2018-6913
-- Marc Deslauriers <email address hidden> Thu, 05 Apr 2018 08:48:47 -0400
Available diffs
perl (5.18.2-2ubuntu1.4) trusty-security; urgency=medium
* SECURITY UPDATE: infinite loop via crafted utf-8 data
- debian/patches/fixes/CVE-2015-8853-1.patch: fix hangs in regexec.c,
t/re/pat.t.
- debian/patches/fixes/CVE-2015-8853-2.patch: use
Perl_croak_nocontext() in regexec.c.
- CVE-2015-8853
* SECURITY UPDATE: arbitrary code exec via library in cwd
- debian/patches/fixes/CVE-2016-6185.patch: properly handle paths in
dist/XSLoader/XSLoader_pm.PL, dist/XSLoader/t/XSLoader.t.
- CVE-2016-6185
* SECURITY UPDATE: race condition in rmtree and remove_tree
- debian/patches/fixes/CVE-2017-6512-pre.patch: correct the order of
tests of chmod() in cpan/ExtUtils-Command/t/eu_command.t.
- debian/patches/fixes/CVE-2017-6512.patch: prevent race in
cpan/File-Path/lib/File/Path.pm, cpan/File-Path/t/Path.t.
- CVE-2017-6512
* SECURITY UPDATE: heap buffer overflow bug
- debian/patches/fixes/CVE-2018-6913.patch: fix various space
calculation issues in pp_pack.c, t/op/pack.t.
- CVE-2018-6913
-- Marc Deslauriers <email address hidden> Thu, 05 Apr 2018 12:49:25 -0400
Available diffs
perl (5.26.1-5) unstable; urgency=medium
* Mark _LIB_VERSION as an optional symbol for glibc 2.27 compatibility.
Patch by Aurelien Jarno. (Closes: #890242)
* Refresh cross build support files.
* Apply an upstream patch by Yves Orton to fix a regexp related memory
leak, regressed in 5.26. (Closes: #891196)
* Build-Depend on libgdbm-compat-dev to restore the NDBM_File and
ODBM_File modules. (Closes: #891229)
-- Niko Tyni <email address hidden> Fri, 23 Feb 2018 17:23:43 +0200
Available diffs
- diff from 5.26.1-4build1 (in Ubuntu) to 5.26.1-5 (157.2 KiB)
perl (5.26.1-4build1) bionic; urgency=medium * Rebuild against new libgdbm5. -- Gianfranco Costamagna <email address hidden> Fri, 02 Feb 2018 15:26:29 +0100
Available diffs
- diff from 5.26.1-4 (in Debian) to 5.26.1-4build1 (313 bytes)
perl (5.26.1-4) unstable; urgency=medium
[ Dominic Hargreaves ]
* Use dpkg-vendor to configure perl with a vendor-specific
"configured by" string (Closes: #884924)
[ Niko Tyni ]
* Also look in <version>/<archname> subdirectories for binary compatible
modules built for older Perl versions. (Closes: #886494)
* Backport upstream Encode patch fixing find_encoding() infinite recursion.
(Closes: #880085)
-- Niko Tyni <email address hidden> Fri, 12 Jan 2018 21:31:09 +0200
Available diffs
- diff from 5.26.1-3 to 5.26.1-4 (8.0 KiB)
perl (5.26.1-3) unstable; urgency=medium
[ Dominic Hargreaves ]
* Include a note about debugging information in perl-debug in the package
description (Closes: #880117)
[ Niko Tyni ]
* Restore SIGUNUSED on glibc >= 2.26 to preserve ABI compatibility.
(Closes: #875927)
* No longer use xlocale.h, removed in glibc 2.26. (Closes: #882978)
-- Niko Tyni <email address hidden> Tue, 28 Nov 2017 19:44:14 +0200
Available diffs
perl (5.22.1-9ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: Buffer overflow via crafted regular expressiion
- debian/patches/fixes/CVE-2017-12883.patch: fix crafted expression
with invalid '\N{U+...}' escape in regcomp.c
- CVE-2017-12883
* SECURITY UPDATE: heap-based buffer overflow in S_regatom
- debian/patches/fixes/CVE-2017-12837.patch: fix issue in regcomp.c
- CVE-2017-12837
-- <email address hidden> (Leonidas S. Barbosa) Fri, 10 Nov 2017 11:39:06 -0300
Available diffs
perl (5.24.1-2ubuntu1.1) zesty-security; urgency=medium
* SECURITY UPDATE: Buffer overflow via crafted regular expressiion
- debian/patches/fixes/CVE-2017-12883.patch: fix crafted expression
with invalid '\N{U+...}' escape in regcomp.c
- CVE-2017-12883
* SECURITY UPDATE: heap-based buffer overflow in S_regatom
- debian/patches/fixes/CVE-2017-12837.patch: fix issue in regcomp.c
- CVE-2017-12837
-- <email address hidden> (Leonidas S. Barbosa) Fri, 10 Nov 2017 11:07:03 -0300
Available diffs
perl (5.18.2-2ubuntu1.3) trusty-security; urgency=medium
* SECURITY UPDATE: Buffer overflow via crafted regular expressiion
- debian/patches/CVE-2017-12883.patch: fix crafted expression
with invalid '\N{U+...}' escape in regcomp.c
- CVE-2017-12883
* SECURITY UPDATE: heap-based buffer overflow in S_regatom
- debian/patches/CVE-2017-12837.patch: fix issue in regcomp.c
- CVE-2017-12837
-- <email address hidden> (Leonidas S. Barbosa) Fri, 10 Nov 2017 08:42:39 -0300
Available diffs
| Superseded in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
| Deleted in bionic-proposed (Reason: remove temporarily to let ocaml clear, as a lesser evil) |
perl (5.26.1-2ubuntu1) bionic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build-depend on libc6-dev (>= 2.26).
- Restore the SIGUNUSED signal. LP: #1717367.
- Changes can be dropped with the next perl ABI bump, or with a perl
upstream fix to restore ABI compatibility with glibc-2.26.
Available diffs
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
perl (5.26.0-8ubuntu1) artful; urgency=medium * Build-depend on libc6-dev (>= 2.26). * Restore the SIGUNUSED signal. LP: #1717367. * Changes can be dropped with the next perl ABI bump, or with a perl upstream fix to restore ABI compatibility with glibc-2.26.
Available diffs
perl (5.26.0-7) unstable; urgency=medium * Upload to unstable * Break older versions of slic3r-prusa (Closes: #873728) * Remove Recommends: rename according to announced deprecation plan -- Dominic Hargreaves <email address hidden> Tue, 05 Sep 2017 21:48:47 +0100
Available diffs
- diff from 5.26.0-5 to 5.26.0-7 (12.7 KiB)
perl (5.26.0-5) unstable; urgency=medium
* Make perl-base Break intltool (<< 0.51.0-4). (Closes: #869612)
* Amend debian/CVE-2016-1238/base-pm-amends-pt2.diff description based
on the final upstream commit information.
* Lower the optimization level of opmini.c on hppa. (Closes: #869122)
* Also lower the optimization level of op.c and opmini.c on sh4.
(Closes: #869373)
-- Niko Tyni <email address hidden> Sun, 30 Jul 2017 19:15:47 +0300
Available diffs
- diff from 5.24.1-7ubuntu1 (in Ubuntu) to 5.26.0-5 (3.5 MiB)
- diff from 5.26.0-4 to 5.26.0-5 (2.8 KiB)
perl (5.26.0-4) unstable; urgency=medium * Upload to unstable. -- Niko Tyni <email address hidden> Thu, 20 Jul 2017 22:23:29 +0300
Available diffs
perl (5.24.1-7ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/f/Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch,
- d/p/f/0001-Adapt-tests-to-zlib-1.2.11.patch:
- backport upstream patch to fix t/02zlib.t because of new zlib
-- Gianfranco Costamagna <email address hidden> Mon, 10 Jul 2017 23:39:14 +0200
Available diffs
| Superseded in artful-proposed |
perl (5.24.1-5ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/f/Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch,
- d/p/f/0001-Adapt-tests-to-zlib-1.2.11.patch:
- backport upstream patch to fix t/02zlib.t because of new zlib
-- Gianfranco Costamagna <email address hidden> Tue, 04 Jul 2017 12:26:07 +0200
Available diffs
perl (5.24.1-4ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/f/Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch,
- d/p/f/0001-Adapt-tests-to-zlib-1.2.11.patch:
- backport upstream patch to fix t/02zlib.t because of new zlib
-- Gianfranco Costamagna <email address hidden> Wed, 21 Jun 2017 09:40:13 +0200
Available diffs
- diff from 5.24.1-3ubuntu1 to 5.24.1-4ubuntu1 (56.7 KiB)
perl (5.24.1-3ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/f/Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch,
- d/p/f/0001-Adapt-tests-to-zlib-1.2.11.patch:
- backport upstream patch to fix t/02zlib.t because of new zlib
-- Gianfranco Costamagna <email address hidden> Sat, 03 Jun 2017 11:13:45 +0200
Available diffs
- diff from 5.24.1-2ubuntu1 to 5.24.1-3ubuntu1 (10.3 KiB)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
perl (5.24.1-2ubuntu1) zesty; urgency=medium
* d/p/f/Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch,
d/p/f/0001-Adapt-tests-to-zlib-1.2.11.patch:
- backport upstream patch to fix t/02zlib.t because of new zlib
-- Gianfranco Costamagna <email address hidden> Sat, 18 Mar 2017 18:00:39 +0100
Available diffs
perl (5.24.1-2) unstable; urgency=medium
* Apply patch from upstream fixing leak in list assignment
(Closes: #855064)
* Clarify documentation of 'do' in the face of '.' being removed
from @INC (Closes: #839536)
-- Dominic Hargreaves <email address hidden> Thu, 16 Mar 2017 11:11:46 +0000
Available diffs
- diff from 5.24.1-1 to 5.24.1-2 (2.9 KiB)
perl (5.24.1-1) unstable; urgency=medium
[ Dominic Hargreaves ]
* Break libexception-class-perl (<< 1.42) since this version fixes an
@INC related vulnerability potentially exposed by the reversion of the
base.pm changes below.
* Remove <nocheck> profile flag for build dependency on file, as it
is needed outside the test suite (Closes: #850296)
[ Niko Tyni ]
* Use https for URLs in the patchlevel list.
* Refresh cross build support files.
[ Dominic Hargreaves ]
* New upstream release
-- Dominic Hargreaves <email address hidden> Sun, 15 Jan 2017 23:35:20 +0000
Available diffs
- diff from 5.24.1~rc4-1 to 5.24.1-1 (107.0 KiB)
perl (5.24.1~rc4-1) unstable; urgency=medium
[ Dominic Hargreaves ]
* Fix Vcs-Git header. Thanks to Axel Beckert (Closes: #839057)
* Add Breaks on dh-haskell (<< 0.3) (Closes: #839018)
* Add workaround for optimization test failure on HPPA (Closes: #838613)
[ Niko Tyni ]
* Import new upstream release candidate with improved @INC localizing
in base.pm.
* Patch Test::Builder to fix a 'used only once' warning. (Closes: #840968)
* Sort the binary package conffile lists for reproducibility.
* Break amanda-common versions built against perlapi-5.22. (See #843700)
* Patch Configure to filter longdblinfbytes randomness for
build reproducibility. (Closes: #844752)
* Patch installman to generate man pages with UTF-8 characters.
(Closes: #840211)
-- Niko Tyni <email address hidden> Sat, 26 Nov 2016 23:12:44 +0200
Available diffs
- diff from 5.24.1~rc3-3 to 5.24.1~rc4-1 (19.6 KiB)
perl (5.24.1~rc3-3) unstable; urgency=medium * Reinstate perl-modules virtual package (Closes: #838855) -- Niko Tyni <email address hidden> Sun, 25 Sep 2016 23:22:41 +0300
Available diffs
- diff from 5.22.2-3 to 5.24.1~rc3-3 (3.2 MiB)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
perl (5.22.2-3) unstable; urgency=high
* [SECURITY] CVE-2016-1238: opportunistic loading of optional
modules can make many programs unintentionally load code
from the current working directory (which might be changed to
another directory without the user realising).
+ allow user configurable removal of "." from @INC in
/etc/perl/sitecustomize.pl for a transitional period. (See: #588017)
+ backport patches from [perl #127834] to fix known vulnerabilities
even if the user does not configure "." to be removed from @INC
+ backport patches from [perl #127810] to fix various classes of
build failures in perl and CPAN modules if "." is removed from
@INC
-- Dominic Hargreaves <email address hidden> Mon, 25 Jul 2016 16:00:43 +0100
Available diffs
- diff from 5.22.2-2 to 5.22.2-3 (15.3 KiB)
perl (5.22.2-2) unstable; urgency=medium
[ Niko Tyni ]
* Make XSLoader skip relative paths not on @INC. (Closes: #829578)
* Add patch from Chris Lamb making the output of ExtUtils::ParseXS
reproducible. (Closes: #829296)
* Refresh cross build support files for all architectures.
[ Dominic Hargreaves ]
* Update wrong-path-for-interpreter override for 5.22.2, fixing
Lintian error introduced in previous upload
* Switch Vcs-Browser from gitweb to cgit and Vcs-Git to https
-- Niko Tyni <email address hidden> Thu, 07 Jul 2016 20:40:41 +0200
Available diffs
- diff from 5.22.2-1 to 5.22.2-2 (47.0 KiB)
perl (5.22.2-1) unstable; urgency=medium
[ Niko Tyni ]
* Refresh cross build support files for alpha, amd64, arm64, i386
kfreebsd-amd64, kfreebsd-i386, powerpc, ppc64el and s390x.
* Add cross build support files for ppc64.
* Merge 5.22.1-10 from unstable.
* Fix libperl5.22.triggers permissions.
* Work around t/op/stat.t problems on GNU/Hurd. (Closes: #822735)
[ Dominic Hargreaves ]
* New upstream release
+ update version of libmodule-corelist-perl Breaks and Replaces
for 5.22.2
* Upload to unstable
-- Dominic Hargreaves <email address hidden> Sat, 30 Apr 2016 13:20:51 +0100
Available diffs
- diff from 5.22.1-10 to 5.22.2-1 (104.6 KiB)
perl (5.22.1-10) unstable; urgency=medium
* Replace libperl5.22 manual ldconfig calls with an explicit trigger.
(Closes: #820500)
* Only conflict with versioned (i.e. non-virtual) perl-modules packages.
(Closes: #821161)
* Emulate 'uname -m' output for reproducibility regardless of kernel arch.
(Closes: #821182)
* Add cross build support files for m68k, powerpcspe and sh4.
-- Niko Tyni <email address hidden> Sun, 17 Apr 2016 22:08:08 +0300
Available diffs
- diff from 5.22.1-9 to 5.22.1-10 (37.5 KiB)
| Superseded in yakkety-release |
| Published in xenial-release |
| Deleted in xenial-proposed (Reason: moved to release) |
perl (5.22.1-9) unstable; urgency=medium
* Add cross build support files for alpha, hppa, sparc64, x32, mips,
and hurd-i386. (Closes: #816217)
* Use the standard library from the build tree, fixing non-cross
bootstrapping. (Closes: #817948)
-- Niko Tyni <email address hidden> Sun, 13 Mar 2016 13:54:18 +0200
Available diffs
- diff from 5.22.1-8 to 5.22.1-9 (73.0 KiB)
perl (5.22.1-8) unstable; urgency=high
* [SECURITY] CVE-2016-2381 fix duplicate environment variable taint
checking issue
-- Dominic Hargreaves <email address hidden> Fri, 26 Feb 2016 21:59:01 +0000
Available diffs
- diff from 5.22.1-7 to 5.22.1-8 (1.9 KiB)
perl (5.14.2-6ubuntu2.5) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via regular expression invalid
backreference
- debian/patches/CVE-2013-7422.patch: properly handle big
backreferences in regcomp.c.
- CVE-2013-7422
* SECURITY UPDATE: denial of service in Data::Dumper
- debian/patches/CVE-2014-4330.patch: limit recursion in MANIFEST,
dist/Data-Dumper/Dumper.pm, dist/Data-Dumper/Dumper.xs,
dist/Data-Dumper/t/recurse.t.
- CVE-2014-4330
* SECURITY UPDATE: environment variable confusion issue
- debian/patches/CVE-2016-2381.patch: remove duplicate environment
variables from environ in perl.c.
- CVE-2016-2381
-- Marc Deslauriers <email address hidden> Tue, 01 Mar 2016 11:02:10 -0500
Available diffs
perl (5.18.2-2ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via regular expression invalid
backreference
- debian/patches/fixes/CVE-2013-7422.patch: properly handle big
backreferences in regcomp.c.
- CVE-2013-7422
* SECURITY UPDATE: denial of service in Data::Dumper
- debian/patches/fixes/CVE-2014-4330.patch: limit recursion in
MANIFEST, dist/Data-Dumper/Dumper.pm, dist/Data-Dumper/Dumper.xs,
dist/Data-Dumper/t/recurse.t.
- CVE-2014-4330
* SECURITY UPDATE: environment variable confusion issue
- debian/patches/fixes/CVE-2016-2381.patch: remove duplicate
environment variables from environ in perl.c.
- CVE-2016-2381
-- Marc Deslauriers <email address hidden> Tue, 01 Mar 2016 07:32:17 -0500
Available diffs
perl (5.20.2-6ubuntu0.2) wily-security; urgency=medium
* SECURITY UPDATE: environment variable confusion issue
- debian/patches/fixes/CVE-2016-2381.patch: remove duplicate
environment variables from environ in perl.c.
- CVE-2016-2381
-- Marc Deslauriers <email address hidden> Tue, 01 Mar 2016 08:48:24 -0500
Available diffs
perl (5.22.1-7) unstable; urgency=medium
* small tweaks to cross support file import infrastructure
* debian/copyright: include CC0-1.0 License for Test-Simple
* Changes prompted by lintian:
+ debian/copyright: move license grants into Comment sections
+ Bump build dependency on dpkg-dev to 1.17.14 for build profile support
(Closes: #813811)
+ Call ldconfig in libperl5.22 postrm script.
+ Override lintian warning about file conflict over /usr/bin/perldoc.
+ Install manual pages for perl5.22-<arch> and cpan5.22-<arch>.
+ Fix POD errors in Memoize, Encode-Unicode and ok.
* Remove libperl-dev dependency on perl. (Closes: #813384)
+ this enables experimental support for cross building applications
linking against libperl; see /usr/share/doc/libperl-dev/README.cross
for more information.
* Add cross build support files for amd64, i386, powerpc, ppc64el, armel,
armhf, arm64, s390x, mipsel, mips64el, kfreebsd-amd64 and kfreebsd-i386.
(Closes: #285559)
* Upload to unstable.
-- Niko Tyni <email address hidden> Mon, 08 Feb 2016 22:09:56 +0200
Available diffs
- diff from 5.22.1-5 to 5.22.1-7 (174.3 KiB)
perl (5.22.1-5) unstable; urgency=medium
[ Dominic Hargreaves ]
* Add Breaks entry for versions of mailagent not compatible with
perl 5.22
[ Niko Tyni ]
* Make perl-modules-5.22 Conflict with perl-modules rather than Break it.
Thanks to Adam Conrad. (Closes: #810164)
* Fix umask in mkstemp(3) calls. (Closes: #810924)
-- Niko Tyni <email address hidden> Sat, 30 Jan 2016 11:41:34 +0200
Available diffs
- diff from 5.22.1-4 to 5.22.1-5 (1.9 KiB)
perl (5.20.2-2ubuntu0.1) vivid-security; urgency=medium
* SECURITY UPDATE: canonpath function doesn't preserve taint
- debian/patches/fixes/CVE-2015-8607_file_spec_taint_fix.diff: ensure
File::Spec::canonpath() preserves taint in dist/PathTools/Cwd.xs,
added tests to dist/PathTools/t/taint.t.
- CVE-2015-8607
-- Marc Deslauriers <email address hidden> Wed, 20 Jan 2016 09:08:09 -0500
Available diffs
perl (5.20.2-6ubuntu0.1) wily-security; urgency=medium
* SECURITY UPDATE: canonpath function doesn't preserve taint
- debian/patches/fixes/CVE-2015-8607_file_spec_taint_fix.diff: ensure
File::Spec::canonpath() preserves taint in dist/PathTools/Cwd.xs,
added tests to dist/PathTools/t/taint.t.
- CVE-2015-8607
-- Marc Deslauriers <email address hidden> Wed, 20 Jan 2016 09:04:44 -0500
Available diffs
perl (5.22.1-4) unstable; urgency=high
* Add Breaks entry for versions of libsbuild-perl, maildirsync,
and backuppc not compatible with perl 5.22
(Closes: #808805, #809562, #810118)
* Apply patch from Niko Tyni restoring debugperl functionality
(Closes: #810326)
* [SECURITY] CVE-2015-8607 fix untaint issue with File::Spec::canonpath()
(Closes: #810719)
-- Dominic Hargreaves <email address hidden> Mon, 11 Jan 2016 22:29:23 +0000
Available diffs
- diff from 5.22.1-3 to 5.22.1-4 (2.2 KiB)
perl (5.22.1-3) unstable; urgency=medium
[ Dominic Hargreaves ]
* psed was removed in 5.22, so remove the (broken) manpage symlink
too (Closes: #808683)
[ Niko Tyni ]
* Fix an autodie scoping issue with "no autodie" and the "system" sub.
(Closes: #808629)
+ break libautodie-perl (<< 2.29-2) to make sure it won't override the fix
-- Niko Tyni <email address hidden> Sat, 26 Dec 2015 09:28:43 +0200
Available diffs
- diff from 5.20.2-6 to 5.22.1-3 (4.7 MiB)
- diff from 5.22.1-2 to 5.22.1-3 (2.5 KiB)
perl (5.22.1-2) unstable; urgency=low
* Work around a t/op/stat.t failure on GNU/kFreeBSD, possibly related
to softupdates. Fix by Steven Chamberlain. (Closes: #796798)
-- Niko Tyni <email address hidden> Fri, 18 Dec 2015 14:31:00 +0200
Available diffs
- diff from 5.22.1-1 to 5.22.1-2 (990 bytes)
perl (5.22.1-1) unstable; urgency=low
* New upstream release.
* Backport Encode::Unicode BOM fix from Encode-2.77.
(Closes: #798727)
+ break+replace libencode-perl (<< 2.77) accordingly
* Upload to unstable.
+ drop perlapi-5.22.0 for transition purposes
-- Niko Tyni <email address hidden> Wed, 16 Dec 2015 20:13:17 +0200
| Superseded in xenial-release |
| Obsolete in wily-release |
| Deleted in wily-proposed (Reason: moved to release) |
perl (5.20.2-6) unstable; urgency=low
* Remove two obsolete lintian overrides.
* Make libperl5.20 Break older perl-base versions to ensure perl-base
is upgraded first.
* Upload to unstable.
-- Niko Tyni <email address hidden> Thu, 14 May 2015 13:38:21 +0300
Available diffs
- diff from 5.20.2-2 to 5.20.2-6 (16.0 KiB)
- diff from 5.20.2-4 to 5.20.2-6 (1.6 KiB)
perl (5.20.2-4) unstable; urgency=medium
* Make the perl debugger work with threaded programs again.
Thanks to James McCoy. (Closes: #779357)
* Make t/run/locale more robust against subtly broken locale settings
common in pbuilder chroot builds. (Closes: #782068)
* Backport upstream patches for gcc-5 compatibility. (Closes: #778060)
* Replace a few ancient and incorrect DEB_BUILD_{GNU_TYPE,ARCH_CPU}
occurrences with the corresponding DEB_HOST_* ones. (Closes: #782803)
* Make perl-doc suggest groff-base instead of the full groff.
(Closes: #206211)
* Backport podlators patches to base the Pod::Man footer date
on UTC instead of the local time zone. (Closes: #780259)
* Backport podlators patch to make Pod::Man support an empty
POD_MAN_DATE variable. (See #780259)
* Backport podlators patch to improve error handling with standard
input. (Closes: #777405)
* Minor improvements to the package maintainer test framework.
+ remove the obsolete debian/check-control script
-- Niko Tyni <email address hidden> Sun, 26 Apr 2015 13:00:50 +0300
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
perl (5.20.2-2) unstable; urgency=medium
[ Dominic Hargreaves ]
* Make perl-modules Recommend perl
[ Niko Tyni ]
* Fix the Broken libfile-spec-perl versions.
* Backport upstream fix for a regexp performance regression
from 5.14. (Closes: #777556)
* Make perl-modules Break older versions of perl. (Closes: #779433)
* Make perl-modules Depend on a matching perl-base. (Closes: #779455)
-- Niko Tyni <email address hidden> Sun, 01 Mar 2015 19:58:59 +0200
Available diffs
- diff from 5.20.1-5 to 5.20.2-2 (131.6 KiB)
perl (5.20.1-5) unstable; urgency=medium
* Make perl-base and perl-modules Break perl (<< 5.20.0~)
to fix trigger related upgrade paths from wheezy. (Closes: #774844)
+ also make perl-base, perl-modules, and perl Pre-Depend
on dpkg (>= 1.17.17) to get reliable trigger dependency
guarantees. (See #671711)
-- Niko Tyni <email address hidden> Sun, 25 Jan 2015 18:26:53 +0200
Available diffs
- diff from 5.20.1-4 to 5.20.1-5 (918 bytes)
perl (5.20.1-4) unstable; urgency=medium
* Make perl-base and perl-modules Break pdl (<< 1:2.007-4)
to fix upgrade failures with dpkg triggers. (Closes: #773323)
-- Niko Tyni <email address hidden> Fri, 19 Dec 2014 18:55:26 +0200
Available diffs
- diff from 5.20.1-3 to 5.20.1-4 (693 bytes)
perl (5.20.1-3) unstable; urgency=low
* Move File::Temp and its dependencies (File::Path, File::Basename,
and parent) to perl-base.
See https://lists.debian.org/debian-devel/2014/11/msg00216.html
-- Niko Tyni <email address hidden> Sun, 16 Nov 2014 18:54:17 +0200
Available diffs
- diff from 5.20.1-2 to 5.20.1-3 (1.2 KiB)
perl (5.20.1-2) unstable; urgency=medium
* Fix IO::Uncompress::Gunzip gunzip to in-memory file handle
(Closes: #747363)
* Fix t/io/socket.t on Hurd: include upstream fixes (Closes: #758718)
-- Dominic Hargreaves <email address hidden> Sun, 19 Oct 2014 22:02:58 +0100
Available diffs
- diff from 5.20.1-1 to 5.20.1-2 (3.2 KiB)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
perl (5.20.1-1) unstable; urgency=medium
* New upstream release
* [SECURITY] CVE-2014-4330: don't recurse infinitely in Data::Dumper
(Closes: #762256)
* Update Standards-Version (no changes)
* Update maintainer tests to reflect the fact that libcgi-fast-perl
is not being shipped
* Update Breaks versions for libfile-spec-perl, libmodule-corelist-perl,
libversion-perl
* Update patch metadata to reflect upstream status
(Closes: #762270, #762269)
* Upload to unstable
-- Dominic Hargreaves <email address hidden> Sat, 20 Sep 2014 14:11:36 +0100
Available diffs
- diff from 5.20.0-6 to 5.20.1-1 (169.5 KiB)
- diff from 5.20.0-4 to 5.20.1-1 (171.7 KiB)
perl (5.20.0-6) unstable; urgency=medium
* Explicitly set mode of DEBIAN/conffiles to fix a Lintian error
in certain build environments
-- Dominic Hargreaves <email address hidden> Fri, 29 Aug 2014 21:32:22 -0700
Available diffs
- diff from 5.20.0-4 to 5.20.0-6 (5.7 KiB)
perl (5.20.0-4) unstable; urgency=medium
* Drop the -exp1 suffix from perlapi-5.20.0: no further changes
to @INC are planned in this cycle.
* Build-depend on libc6-dev (>= 2.19-9) on s390x to make sure we
build against the "new" reverted jmp_buf ABI. (Closes: #753444)
* Upload to unstable.
-- Niko Tyni <email address hidden> Thu, 14 Aug 2014 21:47:11 +0300
Available diffs
- diff from 5.18.2-7 to 5.20.0-4 (4.6 MiB)
perl (5.18.2-7) unstable; urgency=medium
* No longer Provide perlapi-5.18.1 and .2 on s390x. This completes
the jmp_buf transition. (Closes: #753444)
* Only disable the -ftree-vrp optimization on mips.
Thanks to Aurelien Jarno. (See: #754054)
-- Niko Tyni <email address hidden> Mon, 14 Jul 2014 23:13:55 +0300
Available diffs
- diff from 5.18.2-6 to 5.18.2-7 (1.1 KiB)
perl (5.18.2-6) unstable; urgency=medium
* Downgrade the optimization of regcomp.c on mips due to a gcc-4.9 bug.
(Closes: #754054)
-- Niko Tyni <email address hidden> Tue, 08 Jul 2014 23:08:24 +0300
Available diffs
- diff from 5.18.2-5 to 5.18.2-6 (973 bytes)
perl (5.18.2-5) unstable; urgency=medium
* Additionally provide perlapi-5.18.2d on s390x as preparation for
fixing partial upgrades due to jmp_buf ABI changes in glibc 2.19.
(See: #753444)
-- Niko Tyni <email address hidden> Sat, 05 Jul 2014 21:06:13 +0300
Available diffs
- diff from 5.18.2-4 to 5.18.2-5 (1.5 KiB)
perl (5.18.2-4) unstable; urgency=medium
* Build with -fwrapv to fix build failures with GCC 4.9
(Closes: #746890)
* Add Provides/Breaks/Replaces for libpackage-constants-perl which
will be deprecated in 5.20 (see #747628)
-- Dominic Hargreaves <email address hidden> Mon, 12 May 2014 23:53:26 +0100
Available diffs
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
perl (5.18.2-2ubuntu1) trusty; urgency=medium
* Fix undefined behaviour in sv.c, resulting in test failures when
built with GCC 4.9. Patch by Marek Polacek.
-- Matthias Klose <email address hidden> Tue, 25 Mar 2014 17:52:36 +0100
Available diffs
perl (5.14.2-13ubuntu0.3) quantal-security; urgency=medium
* SECURITY UPDATE: arbitrary command execution via _compile function in
Maketext.pm
- debian/patches/CVE-2012-6329.patch: escape backslashes and reject
method names with colons or apostrophes in
dist/Locale-Maketext/lib/Locale/Maketext.pm.
- CVE-2012-6329
-- Marc Deslauriers <email address hidden> Tue, 04 Feb 2014 15:54:36 -0500
Available diffs
perl (5.14.2-6ubuntu2.4) precise-security; urgency=medium
* SECURITY UPDATE: arbitrary command execution via _compile function in
Maketext.pm
- debian/patches/CVE-2012-6329.patch: escape backslashes and reject
method names with colons or apostrophes in
dist/Locale-Maketext/lib/Locale/Maketext.pm.
- CVE-2012-6329
-- Marc Deslauriers <email address hidden> Tue, 04 Feb 2014 16:02:26 -0500
Available diffs
perl (5.10.1-8ubuntu2.4) lucid-security; urgency=medium
* SECURITY UPDATE: arbitrary command execution via _compile function in
Maketext.pm
- debian/patches/fixes/CVE-2012-6329.patch: escape backslashes and
reject method names with colons or apostrophes in
dist/Locale-Maketext/lib/Locale/Maketext.pm.
- CVE-2012-6329
-- Marc Deslauriers <email address hidden> Tue, 04 Feb 2014 16:12:30 -0500
Available diffs
perl (5.18.2-2) unstable; urgency=medium [ Niko Tyni ] * Update debian/copyright to include the year 2013. [ Dominic Hargreaves ] * Upload to unstable -- Dominic Hargreaves <email address hidden> Tue, 14 Jan 2014 19:47:33 +0000
Available diffs
- diff from 5.18.1-5 to 5.18.2-2 (59.9 KiB)
perl (5.18.1-5) unstable; urgency=medium
[ Dominic Hargreaves ]
* Revert patches disabling GNU/Hurd tests which now succeed:
- debian/hurd_net_ping_disable_test.diff (Closes: #709385)
- debian/hurd_test_skip_io_pipe.diff (Closes: #650096)
- debian/hurd_test_skip_pipe.diff (Closes: #650187)
- debian/hurd_test_skip_sigdispatch.diff (Closes: #650188)
- debian/hurd_test_todo_syslog.diff (Closes: #650093)
* Various tidying of Copyright file in line with Lintian's suggestions
* Override Lintian tag spelling-error-in-copyright for an upstream error
* Override Lintian tag empty-binary-package for libperl5.18 as it
is a dummy package on some architectures
[ Niko Tyni ]
* Include upstream fix for regex \8 and \9 after literals.
(Closes: #731365)
* Fix spelling of IPC_CREAT in IPC-SysV documentation. (Closes: #730558)
-- Niko Tyni <email address hidden> Fri, 06 Dec 2013 20:05:55 +0200
Available diffs
perl (5.18.1-4build1) trusty; urgency=low * No change rebuild against db 5.3. -- Dmitrijs Ledkovs <email address hidden> Fri, 01 Nov 2013 23:52:36 +0000
Available diffs
- diff from 5.18.1-4 (in Debian) to 5.18.1-4build1 (548 bytes)
| Superseded in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
| Deleted in trusty-release (Reason: accidentally copied to release rather than proposed) |
perl (5.18.1-4) unstable; urgency=low
* Add Breaks on versions of libcommon-sense-perl which were built
with earlier version of perl (Closes: #722460)
* Add Module::Metadata fix for use in taint mode (Closes: #722210)
* Update Lintian override for wrong-path-for-interpreter false
positive
-- Dominic Hargreaves <email address hidden> Wed, 11 Sep 2013 23:30:25 +0100
Available diffs
| Superseded in trusty-release |
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
perl (5.14.2-21build1) saucy; urgency=low * No change rebuild. -- Matthias Klose <email address hidden> Thu, 18 Jul 2013 23:41:05 +0200
Available diffs
| Superseded in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
perl (5.14.2-21) unstable; urgency=low
[ Dominic Hargreaves ]
* Update the Locale::Maketext fix by importing 1.23, to avoid
double-escaping problems (see: #695224)
-- Niko Tyni <email address hidden> Wed, 10 Apr 2013 19:11:35 +0300
Available diffs
- diff from 5.14.2-20 to 5.14.2-21 (4.5 KiB)
perl (5.14.2-13ubuntu0.2) quantal-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/CVE-2013-1667.patch: fix hsplit() in hv.c, fix tests
in ext/Hash-Util-FieldHash/t/10_hash.t, t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 10:45:31 -0400
Available diffs
perl (5.14.2-6ubuntu2.3) precise-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/CVE-2013-1667.patch: fix hsplit() in hv.c, fix tests
in ext/Hash-Util-FieldHash/t/10_hash.t, t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 10:48:33 -0400
Available diffs
perl (5.12.4-4ubuntu0.2) oneiric-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/CVE-2013-1667.patch: fix hsplit() in hv.c, fix tests
in ext/Hash-Util-FieldHash/t/10_hash.t, t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 10:49:35 -0400
Available diffs
perl (5.8.8-12ubuntu0.8) hardy-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/79_CVE-2013-1667: fix hsplit() in hv.c, fix tests in
t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 12:32:01 -0400
Available diffs
| 76 → 150 of 247 results | First • Previous • Next • Last |
