1PERL5143DELTA(1)       Perl Programmers Reference Guide       PERL5143DELTA(1)
2
3
4

NAME

6       perl5143delta - what is new for perl v5.14.3
7

DESCRIPTION

9       This document describes differences between the 5.14.2 release and the
10       5.14.3 release.
11
12       If you are upgrading from an earlier release such as 5.12.0, first read
13       perl5140delta, which describes differences between 5.12.0 and 5.14.0.
14

Core Enhancements

16       No changes since 5.14.0.
17

Security

19   "Digest" unsafe use of eval (CVE-2011-3597)
20       The "Digest->new()" function did not properly sanitize input before
21       using it in an eval() call, which could lead to the injection of
22       arbitrary Perl code.
23
24       In order to exploit this flaw, the attacker would need to be able to
25       set the algorithm name used, or be able to execute arbitrary Perl code
26       already.
27
28       This problem has been fixed.
29
30   Heap buffer overrun in 'x' string repeat operator (CVE-2012-5195)
31       Poorly written perl code that allows an attacker to specify the count
32       to perl's 'x' string repeat operator can already cause a memory
33       exhaustion denial-of-service attack. A flaw in versions of perl before
34       5.15.5 can escalate that into a heap buffer overrun; coupled with
35       versions of glibc before 2.16, it possibly allows the execution of
36       arbitrary code.
37
38       This problem has been fixed.
39

Incompatible Changes

41       There are no changes intentionally incompatible with 5.14.0. If any
42       exist, they are bugs and reports are welcome.
43

Deprecations

45       There have been no deprecations since 5.14.0.
46

Modules and Pragmata

48   New Modules and Pragmata
49       None
50
51   Updated Modules and Pragmata
52       •   PerlIO::scalar was updated to fix a bug in which opening a
53           filehandle to a glob copy caused assertion failures (under
54           debugging) or hangs or other erratic behaviour without debugging.
55
56       •   ODBM_File and NDBM_File were updated to allow building on GNU/Hurd.
57
58       •   IPC::Open3 has been updated to fix a regression introduced in perl
59           5.12, which broke "IPC::Open3::open3($in, $out, $err, '-')".  [perl
60           #95748]
61
62       •   Digest has been upgraded from version 1.16 to 1.16_01.
63
64           See "Security".
65
66       •   Module::CoreList has been updated to version 2.49_04 to add data
67           for this release.
68
69   Removed Modules and Pragmata
70       None
71

Documentation

73   New Documentation
74       None
75
76   Changes to Existing Documentation
77       perlcheat
78
79       •   perlcheat was updated to 5.14.
80

Configuration and Compilation

82       •   h2ph was updated to search correctly gcc include directories on
83           platforms such as Debian with multi-architecture support.
84
85       •   In Configure, the test for procselfexe was refactored into a loop.
86

Platform Support

88   New Platforms
89       None
90
91   Discontinued Platforms
92       None
93
94   Platform-Specific Notes
95       FreeBSD
96           The FreeBSD hints file was corrected to be compatible with FreeBSD
97           10.0.
98
99       Solaris and NetBSD
100           Configure was updated for "procselfexe" support on Solaris and
101           NetBSD.
102
103       HP-UX
104           README.hpux was updated to note the existence of a broken header in
105           HP-UX 11.00.
106
107       Linux
108           libutil is no longer used when compiling on Linux platforms, which
109           avoids warnings being emitted.
110
111           The system gcc (rather than any other gcc which might be in the
112           compiling user's path) is now used when searching for libraries
113           such as "-lm".
114
115       Mac OS X
116           The locale tests were updated to reflect the behaviour of locales
117           in Mountain Lion.
118
119       GNU/Hurd
120           Various build and test fixes were included for GNU/Hurd.
121
122           LFS support was enabled in GNU/Hurd.
123
124       NetBSD
125           The NetBSD hints file was corrected to be compatible with NetBSD
126           6.*
127

Bug Fixes

129       •   A regression has been fixed that was introduced in 5.14, in "/i"
130           regular expression matching, in which a match improperly fails if
131           the pattern is in UTF-8, the target string is not, and a Latin-1
132           character precedes a character in the string that should match the
133           pattern.  [perl #101710]
134
135       •   In case-insensitive regular expression pattern matching, no longer
136           on UTF-8 encoded strings does the scan for the start of match only
137           look at the first possible position.  This caused matches such as
138           ""f\x{FB00}" =~ /ff/i" to fail.
139
140       •   The sitecustomize support was made relocatableinc aware, so that
141           -Dusesitecustomize and -Duserelocatableinc may be used together.
142
143       •   The smartmatch operator ("~~") was changed so that the right-hand
144           side takes precedence during "Any ~~ Object" operations.
145
146       •   A bug has been fixed in the tainting support, in which an "index()"
147           operation on a tainted constant would cause all other constants to
148           become tainted.  [perl #64804]
149
150       •   A regression has been fixed that was introduced in perl 5.12,
151           whereby tainting errors were not correctly propagated through
152           "die()".  [perl #111654]
153
154       •   A regression has been fixed that was introduced in perl 5.14, in
155           which "/[[:lower:]]/i" and "/[[:upper:]]/i" no longer matched the
156           opposite case.  [perl #101970]
157

Acknowledgements

159       Perl 5.14.3 represents approximately 12 months of development since
160       Perl 5.14.2 and contains approximately 2,300 lines of changes across 64
161       files from 22 authors.
162
163       Perl continues to flourish into its third decade thanks to a vibrant
164       community of users and developers. The following people are known to
165       have contributed the improvements that became Perl 5.14.3:
166
167       Abigail, Andy Dougherty, Carl Hayter, Chris 'BinGOs' Williams, Dave
168       Rolsky, David Mitchell, Dominic Hargreaves, Father Chrysostomos,
169       Florian Ragwitz, H.Merijn Brand, Jilles Tjoelker, Karl Williamson, Leon
170       Timmermans, Michael G Schwern, Nicholas Clark, Niko Tyni, Pino Toscano,
171       Ricardo Signes, Salvador Fandin~o, Samuel Thibault, Steve Hay, Tony
172       Cook.
173
174       The list above is almost certainly incomplete as it is automatically
175       generated from version control history. In particular, it does not
176       include the names of the (very much appreciated) contributors who
177       reported issues to the Perl bug tracker.
178
179       Many of the changes included in this version originated in the CPAN
180       modules included in Perl's core. We're grateful to the entire CPAN
181       community for helping Perl to flourish.
182
183       For a more complete list of all of Perl's historical contributors,
184       please see the AUTHORS file in the Perl source distribution.
185

Reporting Bugs

187       If you find what you think is a bug, you might check the articles
188       recently posted to the comp.lang.perl.misc newsgroup and the perl bug
189       database at http://rt.perl.org/perlbug/ .  There may also be
190       information at http://www.perl.org/ , the Perl Home Page.
191
192       If you believe you have an unreported bug, please run the perlbug
193       program included with your release.  Be sure to trim your bug down to a
194       tiny but sufficient test case.  Your bug report, along with the output
195       of "perl -V", will be sent off to perlbug@perl.org to be analysed by
196       the Perl porting team.
197
198       If the bug you are reporting has security implications, which make it
199       inappropriate to send to a publicly archived mailing list, then please
200       send it to perl5-security-report@perl.org. This points to a closed
201       subscription unarchived mailing list, which includes all the core
202       committers, who be able to help assess the impact of issues, figure out
203       a resolution, and help co-ordinate the release of patches to mitigate
204       or fix the problem across all platforms on which Perl is supported.
205       Please only use this address for security issues in the Perl core, not
206       for modules independently distributed on CPAN.
207

SEE ALSO

209       The Changes file for an explanation of how to view exhaustive details
210       on what changed.
211
212       The INSTALL file for how to build Perl.
213
214       The README file for general stuff.
215
216       The Artistic and Copying files for copyright information.
217
218
219
220perl v5.36.0                      2022-08-30                  PERL5143DELTA(1)
Impressum