1PERL5142DELTA(1) Perl Programmers Reference Guide PERL5142DELTA(1)
2
3
4
6 perl5142delta - what is new for perl v5.14.2
7
9 This document describes differences between the 5.14.1 release and the
10 5.14.2 release.
11
12 If you are upgrading from an earlier release such as 5.14.0, first read
13 perl5141delta, which describes differences between 5.14.0 and 5.14.1.
14
16 No changes since 5.14.0.
17
19 File::Glob::bsd_glob() memory error with GLOB_ALTDIRFUNC (CVE-2011-2728).
20 Calling "File::Glob::bsd_glob" with the unsupported flag
21 GLOB_ALTDIRFUNC would cause an access violation / segfault. A Perl
22 program that accepts a flags value from an external source could expose
23 itself to denial of service or arbitrary code execution attacks. There
24 are no known exploits in the wild. The problem has been corrected by
25 explicitly disabling all unsupported flags and setting unused function
26 pointers to null. Bug reported by Clément Lecigne.
27
28 "Encode" decode_xs n-byte heap-overflow (CVE-2011-2939)
29 A bug in "Encode" could, on certain inputs, cause the heap to overflow.
30 This problem has been corrected. Bug reported by Robert Zacek.
31
33 There are no changes intentionally incompatible with 5.14.0. If any
34 exist, they are bugs and reports are welcome.
35
37 There have been no deprecations since 5.14.0.
38
40 New Modules and Pragmata
41 None
42
43 Updated Modules and Pragmata
44 • CPAN has been upgraded from version 1.9600 to version 1.9600_01.
45
46 CPAN::Distribution has been upgraded from version 1.9602 to
47 1.9602_01.
48
49 Backported bugfixes from CPAN version 1.9800. Ensures proper
50 detection of "configure_requires" prerequisites from CPAN Meta
51 files in the case where "dynamic_config" is true. [rt.cpan.org
52 #68835]
53
54 Also ensures that "configure_requires" is only checked in META
55 files, not MYMETA files, so protect against MYMETA generation that
56 drops "configure_requires".
57
58 • Encode has been upgraded from version 2.42 to 2.42_01.
59
60 See "Security".
61
62 • File::Glob has been upgraded from version 1.12 to version 1.13.
63
64 See "Security".
65
66 • PerlIO::scalar has been upgraded from version 0.11 to 0.11_01.
67
68 It fixes a problem with "open my $fh, ">", \$scalar" not working if
69 $scalar is a copy-on-write scalar.
70
71 Removed Modules and Pragmata
72 None
73
75 New Platforms
76 None
77
78 Discontinued Platforms
79 None
80
81 Platform-Specific Notes
82 HP-UX PA-RISC/64 now supports gcc-4.x
83 A fix to correct the socketsize now makes the test suite pass on
84 HP-UX PA-RISC for 64bitall builds.
85
86 Building on OS X 10.7 Lion and Xcode 4 works again
87 The build system has been updated to work with the build tools
88 under Mac OS X 10.7.
89
91 • In @INC filters (subroutines returned by subroutines in @INC), $_
92 used to misbehave: If returned from a subroutine, it would not be
93 copied, but the variable itself would be returned; and freeing $_
94 (e.g., with "undef *_") would cause perl to crash. This has been
95 fixed [perl #91880].
96
97 • Perl 5.10.0 introduced some faulty logic that made "U*" in the
98 middle of a pack template equivalent to "U0" if the input string
99 was empty. This has been fixed [perl #90160].
100
101 • "caller" no longer leaks memory when called from the DB package if
102 @DB::args was assigned to after the first call to "caller". Carp
103 was triggering this bug [perl #97010].
104
105 • "utf8::decode" had a nasty bug that would modify copy-on-write
106 scalars' string buffers in place (i.e., skipping the copy). This
107 could result in hashes having two elements with the same key [perl
108 #91834].
109
110 • Localising a tied variable used to make it read-only if it
111 contained a copy-on-write string.
112
113 • Elements of restricted hashes (see the fields pragma) containing
114 copy-on-write values couldn't be deleted, nor could such hashes be
115 cleared ("%hash = ()").
116
117 • Locking a hash element that is a glob copy no longer causes
118 subsequent assignment to it to corrupt the glob.
119
120 • A panic involving the combination of the regular expression
121 modifiers "/aa" introduced in 5.14.0 and the "\b" escape sequence
122 has been fixed [perl #95964].
123
125 This is a list of some significant unfixed bugs, which are regressions
126 from 5.12.0.
127
128 • "PERL_GLOBAL_STRUCT" is broken.
129
130 Since perl 5.14.0, building with "-DPERL_GLOBAL_STRUCT" hasn't been
131 possible. This means that perl currently doesn't work on any
132 platforms that require it to be built this way, including Symbian.
133
134 While "PERL_GLOBAL_STRUCT" now works again on recent development
135 versions of perl, it actually working on Symbian again hasn't been
136 verified.
137
138 We'd be very interested in hearing from anyone working with Perl on
139 Symbian.
140
142 Perl 5.14.2 represents approximately three months of development since
143 Perl 5.14.1 and contains approximately 1200 lines of changes across 61
144 files from 9 authors.
145
146 Perl continues to flourish into its third decade thanks to a vibrant
147 community of users and developers. The following people are known to
148 have contributed the improvements that became Perl 5.14.2:
149
150 Craig A. Berry, David Golden, Father Chrysostomos, Florian Ragwitz,
151 H.Merijn Brand, Karl Williamson, Nicholas Clark, Pau Amma and Ricardo
152 Signes.
153
155 If you find what you think is a bug, you might check the articles
156 recently posted to the comp.lang.perl.misc newsgroup and the perl bug
157 database at http://rt.perl.org/perlbug/ . There may also be
158 information at http://www.perl.org/ , the Perl Home Page.
159
160 If you believe you have an unreported bug, please run the perlbug
161 program included with your release. Be sure to trim your bug down to a
162 tiny but sufficient test case. Your bug report, along with the output
163 of "perl -V", will be sent off to perlbug@perl.org to be analysed by
164 the Perl porting team.
165
166 If the bug you are reporting has security implications, which make it
167 inappropriate to send to a publicly archived mailing list, then please
168 send it to perl5-security-report@perl.org. This points to a closed
169 subscription unarchived mailing list, which includes all the core
170 committers, who be able to help assess the impact of issues, figure out
171 a resolution, and help co-ordinate the release of patches to mitigate
172 or fix the problem across all platforms on which Perl is supported.
173 Please only use this address for security issues in the Perl core, not
174 for modules independently distributed on CPAN.
175
177 The Changes file for an explanation of how to view exhaustive details
178 on what changed.
179
180 The INSTALL file for how to build Perl.
181
182 The README file for general stuff.
183
184 The Artistic and Copying files for copyright information.
185
186
187
188perl v5.38.2 2023-11-30 PERL5142DELTA(1)