|
| 1 | +=encoding utf8 |
| 2 | + |
| 3 | +=head1 NAME |
| 4 | + |
| 5 | +perl5282cdelta - what is new for cperl v5.28.2 |
| 6 | + |
| 7 | +=head1 DESCRIPTION |
| 8 | + |
| 9 | +This document describes the differences between the cperl 5.28.1 |
| 10 | +and the cperl 5.28.2 release. |
| 11 | + |
| 12 | +If you are upgrading from an earlier release such as v5.26.0c, first |
| 13 | +read the L<perl526*cdelta> documentation, which describes differences |
| 14 | +between v5.26.0c and v5.26.3c |
| 15 | + |
| 16 | +=head1 Security |
| 17 | + |
| 18 | +=head2 [CVE-2018-18311] Integer overflow leading to buffer overflow and segmentation fault |
| 19 | + |
| 20 | +Integer arithmetic in C<Perl_my_setenv()> could wrap when the combined length |
| 21 | +of the environment variable name and value exceeded around 0x7fffffff. This |
| 22 | +could lead to writing beyond the end of an allocated buffer with attacker |
| 23 | +supplied data. |
| 24 | + |
| 25 | +L<[perl #133204]|https://rt.perl.org/Ticket/Display.html?id=133204> |
| 26 | + |
| 27 | +=head2 Restrict my_setenv to ARG_MAX |
| 28 | + |
| 29 | +perl5 fixed C<Perl_my_setenv()> by allowing C<%ENV> sizes larger than |
| 30 | +C<ARG_MAX> (typically 128Kb), up to 2GB. This is considered a security |
| 31 | +risk. It writes onto the kernel stack, even if often caught by MAXEXECARGS |
| 32 | +"Argument list too long" kernel errors on the next exec call. |
| 33 | +cperl disallows C<%ENV> larger than the sysconf(_SC_ARG_MAX)/MAX_ARG_STRLEN/ |
| 34 | +ARG_MAX/NCARGS size with a new L<perldiag/"Environment size %d larger than the allowed %d"> |
| 35 | +error. |
| 36 | + |
| 37 | +L<[cperl #329]|https://github.com/perl11/cperl/issues/390>. cperl-only. |
| 38 | + |
| 39 | +=head2 [CVE-2018-18312] Heap-buffer-overflow write in S_regatom (regcomp.c) |
| 40 | + |
| 41 | +A crafted regular expression could cause heap-buffer-overflow write during |
| 42 | +compilation, potentially allowing arbitrary code execution. |
| 43 | + |
| 44 | +L<[perl #133423]|https://rt.perl.org/Ticket/Display.html?id=133423> |
| 45 | + |
| 46 | +=head1 Modules and Pragmata |
| 47 | + |
| 48 | +=head2 Updated Modules and Pragmata |
| 49 | + |
| 50 | +=over 4 |
| 51 | + |
| 52 | +=item L<Cpanel::JSON::XS> 4.09 |
| 53 | + |
| 54 | +Silence Gconvert -Wunused-result. |
| 55 | + |
| 56 | +Add unblessed_bool property (PR #118 by Pali) |
| 57 | + |
| 58 | +Add seperate allow_dupkeys property, in relaxed (#122), |
| 59 | +Fixed allow_dupkeys for the XS slow path, |
| 60 | +Silence 2 -Wunused-value warnings, |
| 61 | +Fix ->unblessed_bool to produce modifiable perl structures (PR #121 by Pali). |
| 62 | + |
| 63 | +=item L<ExtUtils::MakeMaker> 8.35_08 |
| 64 | + |
| 65 | +Added C<-flto> support for static libs (need the lto plugin) and D for |
| 66 | +deterministic builds, using arflags for AR_STATIC_ARGS, not just 'cr'. |
| 67 | + |
| 68 | +fix FULLPERL for win32 cperl. |
| 69 | +cperl-only. |
| 70 | + |
| 71 | +=item L<Storable> 1.12_04 |
| 72 | + |
| 73 | +Fix stacklimit security issues introduced in the p5p release [cperl #393]. |
| 74 | +User limits must not be higher than the probed hard limits, when |
| 75 | +overridden by user code or data, via hooks or even pst data. |
| 76 | +cperl-only. |
| 77 | + |
| 78 | +=back |
| 79 | + |
| 80 | +=head1 Testing |
| 81 | + |
| 82 | +=over 4 |
| 83 | + |
| 84 | +=item * |
| 85 | + |
| 86 | +Added F<t/run/envsize.t> for L</Restrict my_setenv to ARG_MAX> |
| 87 | + |
| 88 | +=back |
| 89 | + |
| 90 | +=head1 Selected Bug Fixes |
| 91 | + |
| 92 | +=over 4 |
| 93 | + |
| 94 | +=item * |
| 95 | + |
| 96 | +Perl 5.28 introduced an C<index()> optimization when comparing to -1 (or |
| 97 | +indirectly, e.g. >= 0). When this optimization was triggered inside a C<when> |
| 98 | +clause it caused a warning ("Argument %s isn't numeric in smart match"). This |
| 99 | +has now been fixed. |
| 100 | +L<[perl #133368]|https://rt.perl.org/Ticket/Display.html?id=133368> |
| 101 | + |
| 102 | +=item * |
| 103 | + |
| 104 | +Matching of decimal digits in script runs, introduced in Perl 5.28, had a bug |
| 105 | +that led to C<"1\N{THAI DIGIT FIVE}"> matching C</^(*sr:\d+)$/> when it should |
| 106 | +not. This has now been fixed. |
| 107 | + |
| 108 | +=item * |
| 109 | + |
| 110 | +The new in-place editing code no longer leaks directory handles. |
| 111 | +L<[perl #133314]|https://rt.perl.org/Ticket/Display.html?id=133314> |
| 112 | + |
| 113 | +=back |
| 114 | + |
| 115 | +=head1 Acknowledgements |
| 116 | + |
| 117 | +cperl 5.28.2 represents approximately 5 months of development since cperl |
| 118 | +5.28.1c and contains approximately 4,100 lines of changes across 80 files |
| 119 | +from 3 authors. |
| 120 | + |
| 121 | +Excluding auto-generated files, documentation and release tools, there were |
| 122 | +approximately 1,100 lines of changes to 24 .pm, .t, .c and .h files. |
| 123 | + |
| 124 | +The following people are known to have contributed the improvements that |
| 125 | +became cperl 5.28.2: |
| 126 | + |
| 127 | +Reini Urban, David Mitchell, Karl Williamson. |
| 128 | + |
| 129 | +Many of the changes included in this version originated in the CPAN modules |
| 130 | +included in Perl's core. We're grateful to the entire CPAN community for |
| 131 | +helping Perl to flourish. |
| 132 | + |
| 133 | +For a more complete list of all of Perl's historical contributors, please |
| 134 | +see the F<AUTHORS> file in the Perl source distribution. |
| 135 | + |
| 136 | +Generated with: |
| 137 | + |
| 138 | + cperl Porting/acknowledgements.pl cperl-5.28.1..HEAD -c |
| 139 | + |
| 140 | +=head1 Reporting Bugs |
| 141 | + |
| 142 | +If you find what you think is a bug, you might check the articles recently |
| 143 | +posted to the comp.lang.perl.misc newsgroup and the perl bug database at |
| 144 | +L<https://rt.perl.org/> . There may also be information at |
| 145 | +L<http://www.perl.org/> , the Perl Home Page. |
| 146 | + |
| 147 | +If you believe you have an unreported bug, please run the L<cperlbug> program |
| 148 | +included with your release. Be sure to trim your bug down to a tiny but |
| 149 | +sufficient test case. Your bug report, along with the output of C<perl -V>, |
| 150 | +will be sent off to perlbug@perl.org to be analysed by the Perl porting team. |
| 151 | + |
| 152 | +If you think it's a cperl specific bug or trust the cperl developers more |
| 153 | +please file an issue at L<https://github.com/perl11/cperl/issues>. |
| 154 | + |
| 155 | +If the bug you are reporting has security implications which make it |
| 156 | +inappropriate to send to a publicly archived mailing list, then see |
| 157 | +L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION> |
| 158 | +For details of how to report the issue. |
| 159 | + |
| 160 | +=head1 SEE ALSO |
| 161 | + |
| 162 | +The F<Changes> file for an explanation of how to view exhaustive details on |
| 163 | +what changed. |
| 164 | + |
| 165 | +The F<INSTALL> file for how to build Perl. |
| 166 | + |
| 167 | +The F<README> file for general stuff. |
| 168 | + |
| 169 | +The F<Artistic> and F<Copying> files for copyright information. |
| 170 | + |
| 171 | +=cut |
0 commit comments