1PERL5262DELTA(1) Perl Programmers Reference Guide PERL5262DELTA(1)
2
3
4
6 perl5262delta - what is new for perl v5.26.2
7
9 This document describes differences between the 5.26.1 release and the
10 5.26.2 release.
11
12 If you are upgrading from an earlier release such as 5.26.0, first read
13 perl5261delta, which describes differences between 5.26.0 and 5.26.1.
14
16 [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom
17 (regcomp.c)
18 A crafted regular expression could cause a heap buffer write overflow,
19 with control over the bytes written. [perl #132227]
20 <https://rt.perl.org/Public/Bug/Display.html?id=132227>
21
22 [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
23 Matching a crafted locale dependent regular expression could cause a
24 heap buffer read overflow and potentially information disclosure.
25 [perl #132063] <https://rt.perl.org/Public/Bug/Display.html?id=132063>
26
27 [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
28 "pack()" could cause a heap buffer write overflow with a large item
29 count. [perl #131844]
30 <https://rt.perl.org/Public/Bug/Display.html?id=131844>
31
32 Assertion failure in Perl__core_swash_init (utf8.c)
33 Control characters in a supposed Unicode property name could cause perl
34 to crash. This has been fixed. [perl #132055]
35 <https://rt.perl.org/Public/Bug/Display.html?id=132055> [perl #132553]
36 <https://rt.perl.org/Public/Bug/Display.html?id=132553> [perl #132658]
37 <https://rt.perl.org/Public/Bug/Display.html?id=132658>
38
40 There are no changes intentionally incompatible with 5.26.1. If any
41 exist, they are bugs, and we request that you submit a report. See
42 "Reporting Bugs" below.
43
45 Updated Modules and Pragmata
46 · Module::CoreList has been upgraded from version 5.20170922_26 to
47 5.20180414_26.
48
49 · PerlIO::via has been upgraded from version 0.16 to 0.17.
50
51 · Term::ReadLine has been upgraded from version 1.16 to 1.17.
52
53 · Unicode::UCD has been upgraded from version 0.68 to 0.69.
54
56 Changes to Existing Documentation
57 perluniprops
58
59 · This has been updated to note that "\p{Word}" now includes code
60 points matching the "\p{Join_Control}" property. The change to the
61 property was made in Perl 5.18, but not documented until now.
62 There are currently only two code points that match this property:
63 U+200C (ZERO WIDTH NON-JOINER) and U+200D (ZERO WIDTH JOINER).
64
66 Platform-Specific Notes
67 Windows
68 Visual C++ compiler version detection has been improved to work on
69 non-English language systems. [perl #132421]
70 <https://rt.perl.org/Public/Bug/Display.html?id=132421>
71
72 We now set $Config{libpth} correctly for 64-bit builds using Visual
73 C++ versions earlier than 14.1. [perl #132484]
74 <https://rt.perl.org/Public/Bug/Display.html?id=132484>
75
77 · The "readpipe()" built-in function now checks at compile time that
78 it has only one parameter expression, and puts it in scalar
79 context, thus ensuring that it doesn't corrupt the stack at
80 runtime. [perl #4574]
81 <https://rt.perl.org/Public/Bug/Display.html?id=4574>
82
83 · Fixed a use after free bug in "pp_list" introduced in Perl 5.27.1.
84 [perl #131954]
85 <https://rt.perl.org/Public/Bug/Display.html?id=131954>
86
87 · Parsing a "sub" definition could cause a use after free if the
88 "sub" keyword was followed by whitespace including newlines (and
89 comments). [perl #131836]
90 <https://rt.perl.org/Public/Bug/Display.html?id=131836>
91
92 · The tokenizer now correctly adjusts a parse pointer when skipping
93 whitespace in an " ${identifier} " construct. [perl #131949]
94 <https://rt.perl.org/Public/Bug/Display.html?id=131949>
95
96 · Accesses to "${^LAST_FH}" no longer assert after using any of a
97 variety of I/O operations on a non-glob. [perl #128263]
98 <https://rt.perl.org/Public/Bug/Display.html?id=128263>
99
100 · "sort" now performs correct reference counting when aliasing $a and
101 $b, thus avoiding premature destruction and leakage of scalars if
102 they are re-aliased during execution of the sort comparator. [perl
103 #92264] <https://rt.perl.org/Public/Bug/Display.html?id=92264>
104
105 · Some convoluted kinds of regexp no longer cause an arithmetic
106 overflow when compiled. [perl #131893]
107 <https://rt.perl.org/Public/Bug/Display.html?id=131893>
108
109 · Fixed a duplicate symbol failure with -flto -mieee-fp builds. pp.c
110 defined "_LIB_VERSION" which -lieee already defines. [perl
111 #131786] <https://rt.perl.org/Public/Bug/Display.html?id=131786>
112
113 · A NULL pointer dereference in the "S_regmatch()" function has been
114 fixed. [perl #132017]
115 <https://rt.perl.org/Public/Bug/Display.html?id=132017>
116
117 · Failures while compiling code within other constructs, such as with
118 string interpolation and the right part of "s///e" now cause
119 compilation to abort earlier.
120
121 Previously compilation could continue in order to report other
122 errors, but the failed sub-parse could leave partly parsed
123 constructs on the parser shift-reduce stack, confusing the parser,
124 leading to perl crashes. [perl #125351]
125 <https://rt.perl.org/Public/Bug/Display.html?id=125351>
126
128 Perl 5.26.2 represents approximately 7 months of development since Perl
129 5.26.1 and contains approximately 3,300 lines of changes across 82
130 files from 17 authors.
131
132 Excluding auto-generated files, documentation and release tools, there
133 were approximately 1,800 lines of changes to 36 .pm, .t, .c and .h
134 files.
135
136 Perl continues to flourish into its third decade thanks to a vibrant
137 community of users and developers. The following people are known to
138 have contributed the improvements that became Perl 5.26.2:
139
140 Aaron Crane, Abigail, Chris 'BinGOs' Williams, H.Merijn Brand, James E
141 Keenan, Jarkko Hietaniemi, John SJ Anderson, Karen Etheridge, Karl
142 Williamson, Lukas Mai, Renee Baecker, Sawyer X, Steve Hay, Todd
143 Rinaldo, Tony Cook, Yves Orton, Zefram.
144
145 The list above is almost certainly incomplete as it is automatically
146 generated from version control history. In particular, it does not
147 include the names of the (very much appreciated) contributors who
148 reported issues to the Perl bug tracker.
149
150 Many of the changes included in this version originated in the CPAN
151 modules included in Perl's core. We're grateful to the entire CPAN
152 community for helping Perl to flourish.
153
154 For a more complete list of all of Perl's historical contributors,
155 please see the AUTHORS file in the Perl source distribution.
156
158 If you find what you think is a bug, you might check the perl bug
159 database at <https://rt.perl.org/> . There may also be information at
160 <http://www.perl.org/> , the Perl Home Page.
161
162 If you believe you have an unreported bug, please run the perlbug
163 program included with your release. Be sure to trim your bug down to a
164 tiny but sufficient test case. Your bug report, along with the output
165 of "perl -V", will be sent off to perlbug@perl.org to be analysed by
166 the Perl porting team.
167
168 If the bug you are reporting has security implications which make it
169 inappropriate to send to a publicly archived mailing list, then see
170 "SECURITY VULNERABILITY CONTACT INFORMATION" in perlsec for details of
171 how to report the issue.
172
174 If you wish to thank the Perl 5 Porters for the work we had done in
175 Perl 5, you can do so by running the "perlthanks" program:
176
177 perlthanks
178
179 This will send an email to the Perl 5 Porters list with your show of
180 thanks.
181
183 The Changes file for an explanation of how to view exhaustive details
184 on what changed.
185
186 The INSTALL file for how to build Perl.
187
188 The README file for general stuff.
189
190 The Artistic and Copying files for copyright information.
191
192
193
194perl v5.30.1 2019-11-29 PERL5262DELTA(1)