-
perl (5.10.1-17ubuntu4.1) natty-security; urgency=low
* SECURITY UPDATE: multiple intended restriction bypasses in Safe.pm
- debian/patches/fixes/CVE-2010-1447.diff: update Safe.pm to version
2.29 to fix multiple issues.
- debian/patches/series: disable superseded fixes/safe-upgrade.diff.
- CVE-2010-1447
* SECURITY UPDATE: taint protection bypass via missing taint attributes
- debian/patches/fixes/CVE-2011-1487.diff: put taint logic at the end
of pp_* functions.
- CVE-2011-1487
-- Marc Deslauriers <email address hidden> Tue, 26 Apr 2011 09:32:28 -0400
-
perl (5.10.1-17ubuntu4) natty; urgency=low
* debian/config.debian: pass multiarch paths to the build (if
available) so that we're able to find libraries needed to build.
LP: #739693.
-- Steve Langasek <email address hidden> Wed, 30 Mar 2011 13:44:06 -0700
-
perl (5.10.1-17ubuntu3) natty; urgency=low
* debian/config.over: Set i_libutil='undef', just in case libbsd-dev is
installed at build time.
-- Colin Watson <email address hidden> Tue, 15 Feb 2011 15:28:15 +0000
-
perl (5.10.1-17ubuntu2) natty; urgency=low
* Backport fix from threads 1.35 to conditionally compile tmps stack
cleanup code, fixing threads tests on ppc64.
-- Colin Watson <email address hidden> Fri, 11 Feb 2011 19:30:53 +0000
-
perl (5.10.1-17ubuntu1) natty; urgency=low
* Merge from debian unstable. Remaining changes: (LP: #704391)
- debian/control: Change build dependency from libdb4.7-dev
to libdb-dev, to minimize the db versions on the CDs.
- debian/patches/fixes/h2ph-gcc-4.5.diff:
+ Fix h2ph header generation with GCC 4.5. (Closes: #599933)
perl (5.10.1-17) unstable; urgency=medium
* [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411:
fix CGI.pm MIME boundary and multiline header vulnerabilities.
(Closes: #606995)
-- Artur Rona <email address hidden> Tue, 18 Jan 2011 13:17:37 +0100
-
perl (5.10.1-16ubuntu1) natty; urgency=low
* Resynchronise with Debian. Remaining changes:
- Change build dependency from libdb4.7-dev to libdb-dev, to minimize
the db versions on the CDs.
- Fix h2ph header generation with GCC 4.5.
perl (5.10.1-16) unstable; urgency=low
* Improve LC_NUMERIC documentation. (Closes: #379329)
* Fix sprintf not to ignore LC_NUMERIC with constants. (Closes: #601549)
* Fix stack pointer corruption in pp_concat() with "use encoding".
(Closes: #596105)
-- Colin Watson <email address hidden> Wed, 03 Nov 2010 16:03:31 +0000
-
perl (5.10.1-15ubuntu2) natty; urgency=low
* Apply upstream patch from Robin Barker
(http://perl5.git.perl.org/perl.git/commit/8d66b3f930dc6d88b524d103e304308ae73a46e7)
to fix h2ph header generation with GCC 4.5.
-- Colin Watson <email address hidden> Tue, 12 Oct 2010 15:11:13 +0100
-
perl (5.10.1-15ubuntu1) natty; urgency=low
* Resynchronise with Debian. Remaining changes:
- Change build dependency from libdb4.7-dev to libdb-dev, to minimize
the db versions on the CDs.
* Drop sparc optimisation change; Ubuntu no longer builds for sparc.
perl (5.10.1-15) unstable; urgency=low
* Include the Text::Tabs license in debian/copyright. Thanks to "v.nix.is".
(Closes: #596844)
* Downgrade the 'make' recommendation to a suggestion to avoid pulling
it in by default after all. (Closes: #596734) (Reopens: #293908)
* Put the libfile-spec-perl conflict version in line with the separate
package, which uses four digits. (Closes: #595121)
* Squelch useless locale warnings during package maintainer scripts.
(Closes: #508764)
perl (5.10.1-14) unstable; urgency=medium
* Don't override -DDEBIAN on GNU/Hurd, fixing @INC breakage and other
things. Thanks to Samuel Thibault. (Closes: #587901)
* Fix builds on gcc 4.5 by passing PERL_PATCHLEVEL_H_IMPLICIT to cpp.
Thanks to Loïc Minier and Paul Brook. (Closes: #588799)
* Fix builds when the name of the current directory contains regexp
metacharacters, particularly binNMUs with current sbuild versions.
Thanks to Kyle Moffett and Ansgar Burchardt. (Closes: #585678)
* Releasing with 'medium' urgency due to an RC bug fix.
perl (5.10.1-13) unstable; urgency=low
* [SECURITY] CVE-2010-1974: Update to Safe-2.25, fixing code injection
and execution vulnerabilities. (Closes: #582978)
* Add conflicts/replaces/provides for the new libswitch-perl,
libclass-isa-perl, and libpod-plainer-perl packages. (See #580034)
* Fix a tell() crash on bad arguments. (Closes: #578577)
* Fix a format/write crash. (Closes: #579537)
* Prevent gcc from optimizing the u32align check away, finally fixing
MD5 on armel. Thanks to Marc Pignat. (Closes: #289884)
* Fix a test failure in CGI/t/fast.t when FCGI is available.
-- Colin Watson <email address hidden> Tue, 12 Oct 2010 10:29:51 +0100
-
perl (5.10.1-12ubuntu2) maverick; urgency=low
* debian/config.debian: merge fix from Paul Brook to make configure define
PERL_PATCHLEVEL_H_IMPLICIT so that patchlevel.h does not require
git_version; fixes the build with recent GCCs where gcc -E fails on
missing includes; LP: #600951.
-- Loic Minier <email address hidden> Mon, 12 Jul 2010 12:31:10 +0200
