-
perl (5.10.1-12ubuntu2.1) maverick-security; urgency=low
* SECURITY UPDATE: multiple intended restriction bypasses in Safe.pm
- debian/patches/debian/CVE-2010-1168.diff: update Safe.pm to version
2.29 to fix multiple issues.
- CVE-2010-1168
- CVE-2010-1447
* SECURITY UPDATE: multiple issues in CGI.pm: hardcoded MIME boundary,
and CRLF injections.
- debian/patches/fixes/cgi-multiline-header.diff: fix issues with
patch obtained from (5.10.1-17).
- CVE-2010-2716
- CVE-2010-4410
- CVE-2010-4411
* SECURITY UPDATE: taint protection bypass via missing taint attributes
- debian/patches/fixes/CVE-2011-1487.diff: put taint logic at the end
of pp_* functions.
- CVE-2011-1487
-- Marc Deslauriers <email address hidden> Thu, 21 Apr 2011 11:24:47 -0400
-
perl (5.10.1-12ubuntu2) maverick; urgency=low
* debian/config.debian: merge fix from Paul Brook to make configure define
PERL_PATCHLEVEL_H_IMPLICIT so that patchlevel.h does not require
git_version; fixes the build with recent GCCs where gcc -E fails on
missing includes; LP: #600951.
-- Loic Minier <email address hidden> Mon, 12 Jul 2010 12:31:10 +0200
-
perl (5.10.1-12ubuntu1) maverick; urgency=low
* Resynchronise with Debian. Remaining changes:
- Change build dependency from libdb4.7-dev to libdb-dev, to minimize
the db versions on the CDs.
- On sparc, build with -O1 instead of -O2. See #438876.
* Drop Breaks against doc-base. We no longer need to upgrade directly
from hardy.
perl (5.10.1-12) unstable; urgency=low
* Fix the location of an Archive::Tar test file.
* Update conflict versions on libscalar-list-utils-perl, libxsloader-perl,
and libnet-perl.
* Properly include the 5.10.0 site directories on @INC as per Perl policy.
(Closes: #575030)
* Fix an errno stringification bug in taint mode. (Closes: #574129)
* Move Config_heavy.pl into perl-base and unapply the DynaLoader
changes introduced in 5.10.1-5. (Closes: #575308)
* Remove B and B::Deparse from perl-base, they haven't worked without
the perl package for a long time if ever. (Closes: #576153)
* Upgrade to Standards-Version 3.8.4 with no changes.
perl (5.10.1-11) unstable; urgency=low
* Unapply obsolete Debian patches:
- Object::Accessor POD patch (fixed in 5.10.1)
- "missing /etc/hosts" (fixed in 5.10.1)
- "arm fp non-IEEE rounding" (fixed in armel)
- "ppc/ia64 optimization upgrade" (no-op since 5.10.0-5)
- "arm optimization downgrade" (fixed sometime after gcc 4.0)
* Make perl-base conflict with older versions of safe-rm to unbreak
maintainer scripts on partial upgrades. (Closes: #566080)
* Update debian/README.source to recommend using quilt in NMUs.
* Include upstream commit information in patchlevel.h.
* Upload to unstable.
perl (5.10.1-10) experimental; urgency=low
* Add conflicts/replaces/provides for libtime-local-perl. (Closes: #567188)
* Really add the new perl-modules README.Debian. (Closes: #565721)
* Make libcgi-fast-perl depend on perl (<< 5.10.2~) because
it's now in the core directory. (Closes: #567092)
* Switch to dpkg v3 source format.
+ remove the obsoleted quilt-series-but-no-build-dep lintian override.
* Describe the applied Debian patches in patchlevel.h (and therefore
`perl -V' output too.) (Closes: #567489)
* Include minimal copyright and license information on the Debian
packaging in debian/copyright.
* Don't try to ship Changes5.* or patching.pod in perl-doc anymore,
they have been removed upstream for 5.10.1.
* Upload to experimental to verify that the source format changes work
perl (5.10.1-9) unstable; urgency=low
* Move CGI/Fast.pm back to the core directory so that libcgi-pm-perl
can override it. (Closes: #563713)
* Add a README.Debian file to perl-modules.
* Other packages should not depend on perl-modules but perl;
clarify this in the perl-modules long description and the new
README.Debian file. (Closes: #552052)
* Fix a NULL pointer dereference when looking for a DESTROY method.
(Closes: #564074)
* Add conflicts/replaces/provides for libfile-spec-perl. (Closes: #556789)
+ note that perl-base contains part of libfile-spec-perl, so it has
a conflicts entry for earlier versions but does not provide and
replace it. The rest of the functionality is in perl-modules.
-- Colin Watson <email address hidden> Tue, 04 May 2010 16:32:38 +0100
-
perl (5.10.1-8ubuntu2) lucid; urgency=low
* Make perl-base conflict with older versions of safe-rm to unbreak
maintainer scripts on partial upgrades. (LP: #568670)
-- Andrew Mitchell <email address hidden> Fri, 23 Apr 2010 16:42:52 +1200
