Commit | Line | Data |
---|---|---|
c592f515 SH |
1 | =encoding utf8 |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | perl5261delta - what is new for perl v5.26.1 | |
6 | ||
7 | =head1 DESCRIPTION | |
8 | ||
9 | This document describes differences between the 5.26.0 release and the 5.26.1 | |
10 | release. | |
11 | ||
12 | If you are upgrading from an earlier release such as 5.24.0, first read | |
13 | L<perl5260delta>, which describes differences between 5.24.0 and 5.26.0. | |
14 | ||
15 | =head1 Security | |
16 | ||
17 | =head2 [CVE-2017-12837] Heap buffer overflow in regular expression compiler | |
18 | ||
19 | Compiling certain regular expression patterns with the case-insensitive | |
20 | modifier could cause a heap buffer overflow and crash perl. This has now been | |
21 | fixed. | |
29c6c804 | 22 | L<[GH #16021]|https://github.com/Perl/perl5/issues/16021> |
c592f515 SH |
23 | |
24 | =head2 [CVE-2017-12883] Buffer over-read in regular expression parser | |
25 | ||
26 | For certain types of syntax error in a regular expression pattern, the error | |
27 | message could either contain the contents of a random, possibly large, chunk of | |
28 | memory, or could crash perl. This has now been fixed. | |
29c6c804 | 29 | L<[GH #16025]|https://github.com/Perl/perl5/issues/16025> |
c592f515 SH |
30 | |
31 | =head2 [CVE-2017-12814] C<$ENV{$key}> stack buffer overflow on Windows | |
32 | ||
33 | A possible stack buffer overflow in the C<%ENV> code on Windows has been fixed | |
34 | by removing the buffer completely since it was superfluous anyway. | |
29c6c804 | 35 | L<[GH #16051]|https://github.com/Perl/perl5/issues/16051> |
c592f515 SH |
36 | |
37 | =head1 Incompatible Changes | |
38 | ||
39 | There are no changes intentionally incompatible with 5.26.0. If any exist, | |
40 | they are bugs, and we request that you submit a report. See L</Reporting | |
41 | Bugs> below. | |
42 | ||
43 | =head1 Modules and Pragmata | |
44 | ||
45 | =head2 Updated Modules and Pragmata | |
46 | ||
47 | =over 4 | |
48 | ||
49 | =item * | |
50 | ||
51 | L<base> has been upgraded from version 2.25 to 2.26. | |
52 | ||
53 | The effects of dotless C<@INC> on this module have been limited by the | |
54 | introduction of a more refined and accurate solution for removing C<'.'> from | |
55 | C<@INC> while reducing the false positives. | |
56 | ||
57 | =item * | |
58 | ||
59 | L<charnames> has been upgraded from version 1.44 to 1.45. | |
60 | ||
61 | =item * | |
62 | ||
63 | L<Module::CoreList> has been upgraded from version 5.20170530 to 5.20170922_26. | |
64 | ||
65 | =back | |
66 | ||
67 | =head1 Platform Support | |
68 | ||
69 | =head2 Platform-Specific Notes | |
70 | ||
71 | =over 4 | |
72 | ||
73 | =item FreeBSD | |
74 | ||
75 | =over 4 | |
76 | ||
77 | =item * | |
78 | ||
79 | Building with B<g++> on FreeBSD-11.0 has been fixed. | |
29c6c804 | 80 | L<[GH #15984]|https://github.com/Perl/perl5/issues/15984> |
c592f515 SH |
81 | |
82 | =back | |
83 | ||
84 | =item Windows | |
85 | ||
86 | =over 4 | |
87 | ||
88 | =item * | |
89 | ||
90 | Support for compiling perl on Windows using Microsoft Visual Studio 2017 | |
91 | (containing Visual C++ 14.1) has been added. | |
92 | ||
93 | =item * | |
94 | ||
95 | Building XS modules with GCC 6 in a 64-bit build of Perl failed due to | |
96 | incorrect mapping of C<strtoll> and C<strtoull>. This has now been fixed. | |
29c6c804 | 97 | L<[GH #16074]|https://github.com/Perl/perl5/issues/16074> |
c592f515 SH |
98 | L<[cpan #121683]|https://rt.cpan.org/Public/Bug/Display.html?id=121683> |
99 | L<[cpan #122353]|https://rt.cpan.org/Public/Bug/Display.html?id=122353> | |
100 | ||
101 | =back | |
102 | ||
103 | =back | |
104 | ||
105 | =head1 Selected Bug Fixes | |
106 | ||
107 | =over 4 | |
108 | ||
109 | =item * | |
110 | ||
111 | Several built-in functions previously had bugs that could cause them to write | |
112 | to the internal stack without allocating room for the item being written. In | |
113 | rare situations, this could have led to a crash. These bugs have now been | |
114 | fixed, and if any similar bugs are introduced in future, they will be detected | |
115 | automatically in debugging builds. | |
29c6c804 | 116 | L<[GH #16076]|https://github.com/Perl/perl5/issues/16076> |
c592f515 SH |
117 | |
118 | =item * | |
119 | ||
120 | Using a symbolic ref with postderef syntax as the key in a hash lookup was | |
121 | yielding an assertion failure on debugging builds. | |
29c6c804 | 122 | L<[GH #16029]|https://github.com/Perl/perl5/issues/16029> |
c592f515 SH |
123 | |
124 | =item * | |
125 | ||
126 | List assignment (C<aassign>) could in some rare cases allocate an entry on the | |
127 | mortal stack and leave the entry uninitialized. | |
29c6c804 | 128 | L<[GH #16017]|https://github.com/Perl/perl5/issues/16017> |
c592f515 SH |
129 | |
130 | =item * | |
131 | ||
132 | Attempting to apply an attribute to an C<our> variable where a function of that | |
133 | name already exists could result in a NULL pointer being supplied where an SV | |
134 | was expected, crashing perl. | |
135 | L<[perl #131597]|https://rt.perl.org/Public/Bug/Display.html?id=131597> | |
136 | ||
137 | =item * | |
138 | ||
139 | The code that vivifies a typeglob out of a code ref made some false assumptions | |
140 | that could lead to a crash in cases such as C<< $::{"A"} = sub {}; \&{"A"} >>. | |
141 | This has now been fixed. | |
29c6c804 | 142 | L<[GH #15937]|https://github.com/Perl/perl5/issues/15937> |
c592f515 SH |
143 | |
144 | =item * | |
145 | ||
146 | C<my_atof2> no longer reads beyond the terminating NUL, which previously | |
147 | occurred if the decimal point is immediately before the NUL. | |
29c6c804 | 148 | L<[GH #16002]|https://github.com/Perl/perl5/issues/16002> |
c592f515 SH |
149 | |
150 | =item * | |
151 | ||
152 | Occasional "Malformed UTF-8 character" crashes in C<s//> on utf8 strings have | |
153 | been fixed. | |
29c6c804 | 154 | L<[GH #16019]|https://github.com/Perl/perl5/issues/16019> |
c592f515 SH |
155 | |
156 | =item * | |
157 | ||
158 | C<perldoc -f s> now finds C<s///>. | |
29c6c804 | 159 | L<[GH #15989]|https://github.com/Perl/perl5/issues/15989> |
c592f515 SH |
160 | |
161 | =item * | |
162 | ||
163 | Some erroneous warnings after utf8 conversion have been fixed. | |
29c6c804 | 164 | L<[GH #15958]|https://github.com/Perl/perl5/issues/15958> |
c592f515 SH |
165 | |
166 | =item * | |
167 | ||
168 | The C<jmpenv> frame to catch Perl exceptions is set up lazily, and this used to | |
169 | be a bit too lazy. The catcher is now set up earlier, preventing some possible | |
170 | crashes. | |
29c6c804 | 171 | L<[GH #11804]|https://github.com/Perl/perl5/issues/11804> |
c592f515 SH |
172 | |
173 | =item * | |
174 | ||
175 | Spurious "Assuming NOT a POSIX class" warnings have been removed. | |
29c6c804 | 176 | L<[GH #16001]|https://github.com/Perl/perl5/issues/16001> |
c592f515 SH |
177 | |
178 | =back | |
179 | ||
180 | =head1 Acknowledgements | |
181 | ||
182 | Perl 5.26.1 represents approximately 4 months of development since Perl 5.26.0 | |
183 | and contains approximately 8,900 lines of changes across 85 files from 23 | |
184 | authors. | |
185 | ||
186 | Excluding auto-generated files, documentation and release tools, there were | |
187 | approximately 990 lines of changes to 38 .pm, .t, .c and .h files. | |
188 | ||
189 | Perl continues to flourish into its third decade thanks to a vibrant community | |
190 | of users and developers. The following people are known to have contributed | |
191 | the improvements that became Perl 5.26.1: | |
192 | ||
193 | Aaron Crane, Andy Dougherty, Aristotle Pagaltzis, Chris 'BinGOs' Williams, | |
194 | Craig A. Berry, Dagfinn Ilmari Mannsåker, David Mitchell, E. Choroba, Eric | |
195 | Herman, Father Chrysostomos, Jacques Germishuys, James E Keenan, John SJ | |
196 | Anderson, Karl Williamson, Ken Brown, Lukas Mai, Matthew Horsfall, Ricardo | |
197 | Signes, Sawyer X, Steve Hay, Tony Cook, Yves Orton, Zefram. | |
198 | ||
199 | The list above is almost certainly incomplete as it is automatically generated | |
200 | from version control history. In particular, it does not include the names of | |
201 | the (very much appreciated) contributors who reported issues to the Perl bug | |
202 | tracker. | |
203 | ||
204 | Many of the changes included in this version originated in the CPAN modules | |
205 | included in Perl's core. We're grateful to the entire CPAN community for | |
206 | helping Perl to flourish. | |
207 | ||
208 | For a more complete list of all of Perl's historical contributors, please see | |
209 | the F<AUTHORS> file in the Perl source distribution. | |
210 | ||
211 | =head1 Reporting Bugs | |
212 | ||
213 | If you find what you think is a bug, you might check the perl bug database | |
214 | at L<https://rt.perl.org/> . There may also be information at | |
215 | L<http://www.perl.org/> , the Perl Home Page. | |
216 | ||
217 | If you believe you have an unreported bug, please run the L<perlbug> program | |
218 | included with your release. Be sure to trim your bug down to a tiny but | |
219 | sufficient test case. Your bug report, along with the output of C<perl -V>, | |
220 | will be sent off to perlbug@perl.org to be analysed by the Perl porting team. | |
221 | ||
222 | If the bug you are reporting has security implications which make it | |
223 | inappropriate to send to a publicly archived mailing list, then see | |
224 | L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION> for details of how to | |
225 | report the issue. | |
226 | ||
227 | =head1 Give Thanks | |
228 | ||
229 | If you wish to thank the Perl 5 Porters for the work we had done in Perl 5, you | |
230 | can do so by running the C<perlthanks> program: | |
231 | ||
232 | perlthanks | |
233 | ||
234 | This will send an email to the Perl 5 Porters list with your show of thanks. | |
235 | ||
236 | =head1 SEE ALSO | |
237 | ||
238 | The F<Changes> file for an explanation of how to view exhaustive details on | |
239 | what changed. | |
240 | ||
241 | The F<INSTALL> file for how to build Perl. | |
242 | ||
243 | The F<README> file for general stuff. | |
244 | ||
245 | The F<Artistic> and F<Copying> files for copyright information. | |
246 | ||
247 | =cut |