-
perl (5.14.2-13ubuntu0.3) quantal-security; urgency=medium
* SECURITY UPDATE: arbitrary command execution via _compile function in
Maketext.pm
- debian/patches/CVE-2012-6329.patch: escape backslashes and reject
method names with colons or apostrophes in
dist/Locale-Maketext/lib/Locale/Maketext.pm.
- CVE-2012-6329
-- Marc Deslauriers <email address hidden> Tue, 04 Feb 2014 15:54:36 -0500
-
perl (5.14.2-13ubuntu0.2) quantal-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/CVE-2013-1667.patch: fix hsplit() in hv.c, fix tests
in ext/Hash-Util-FieldHash/t/10_hash.t, t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 10:45:31 -0400
-
perl (5.14.2-13ubuntu0.1) quantal-security; urgency=low
* SECURITY UPDATE: Heap overflow in "x" operator (LP: #1069034)
- CVE-2012-5195
* SECURITY UPDATE: CGI.pm improper cookie and p3p CRLF escaping
- CVE-2012-5526
-- Seth Arnold <email address hidden> Mon, 26 Nov 2012 11:28:12 -0800
-
perl (5.14.2-13) unstable; urgency=low
* Apply patch fixing IPC::Open3 when command is '-' (Closes: #683894)
* Add Breaks/Replaces/Provides for new dual-lived libsocket-perl
(Closes: #679154)
-- Dominic Hargreaves <email address hidden> Thu, 06 Sep 2012 23:24:28 +0100
-
perl (5.14.2-12) unstable; urgency=low
* Re-enable thread tests on kFreeBSD now that libc breakage has been
resolved (Closes: #672152, #677045)
* Update Standards-Version (no changes)
* Add minimal Copyright fields to debian/copyright paragraphs that
were missing them, to fix Lintian warnings about missing required
fields
-- Dominic Hargreaves <email address hidden> Mon, 18 Jun 2012 22:44:56 +0100
-
perl (5.14.2-11) unstable; urgency=low
[ Dominic Hargreaves ]
* Add patch from Daniel Kahn Gillmor fixing propagation of socket
type information (Closes: #659075)
[ Niko Tyni ]
* Temporarily disable thread tests on kFreeBSD to work around libc breakage.
(See #672152 and #673711)
* Remove empty Copyright lines from debian/copyright to appease
Config::Model.
-- Niko Tyni <email address hidden> Fri, 25 May 2012 10:14:00 +0300
-
perl (5.14.2-10) unstable; urgency=low
* Properly propagate tainted errors (Closes: #663158)
* Invoke x-terminal-emulator rather than xterm in perl5db.pl
(Closes: #668490)
* Add Conflicts with mono-gac (<< 2.10.8.1-3) to perl-base and
perl-modules (Closes: #665384)
-- Dominic Hargreaves <email address hidden> Mon, 07 May 2012 20:33:52 +0100
-
perl (5.14.2-9) unstable; urgency=low
[ Dominic Hargreaves ]
* Add Breaks on various packages which had 5.12/5.14 compatibility
bugs fixed since squeeze, to help with partial upgrades
* Add Breaks on ftpmirror for the same reason (Closes: #659799)
[ Niko Tyni ]
* No longer disable the 'pie' build flags: the implementation was
overwriting DEB_BUILD_MAINT_OPTIONS altogether.
* Modify Config_heavy.pl after the build to remove dpkg-buildflags
effects on ccflags and lddlflags; we don't want to force them on
all XS modules at this stage. (See #657853)
* Update the DEP-5 URL in debian/copyright now that it is finally stabilized.
* Make EU::MM pass LD through to recursive Makefile.PL invocations.
(Closes: #660195)
-- Niko Tyni <email address hidden> Sat, 03 Mar 2012 16:23:02 +0200
-
perl (5.14.2-6ubuntu2) precise; urgency=low
* Have perl, perl-modules, and perl-base conflict with versions of
mono-gac requiring File::Basename, to ensure a smooth upgrade from lucid.
LP: #948848.
-- Steve Langasek <email address hidden> Fri, 23 Mar 2012 07:59:20 -0700