| 1 | =encoding utf8 |
| 2 | |
| 3 | =head1 NAME |
| 4 | |
| 5 | perl5242delta - what is new for perl v5.24.2 |
| 6 | |
| 7 | =head1 DESCRIPTION |
| 8 | |
| 9 | This document describes differences between the 5.24.1 release and the 5.24.2 |
| 10 | release. |
| 11 | |
| 12 | If you are upgrading from an earlier release such as 5.24.0, first read |
| 13 | L<perl5241delta>, which describes differences between 5.24.0 and 5.24.1. |
| 14 | |
| 15 | =head1 Security |
| 16 | |
| 17 | =head2 Improved handling of '.' in @INC in base.pm |
| 18 | |
| 19 | The handling of (the removal of) C<'.'> in C<@INC> in L<base> has been |
| 20 | improved. This resolves some problematic behaviour in the approach taken in |
| 21 | Perl 5.24.1, which is probably best described in the following two threads on |
| 22 | the Perl 5 Porters mailing list: |
| 23 | L<http://www.nntp.perl.org/group/perl.perl5.porters/2016/08/msg238991.html>, |
| 24 | L<http://www.nntp.perl.org/group/perl.perl5.porters/2016/10/msg240297.html>. |
| 25 | |
| 26 | =head2 "Escaped" colons and relative paths in PATH |
| 27 | |
| 28 | On Unix systems, Perl treats any relative paths in the PATH environment |
| 29 | variable as tainted when starting a new process. Previously, it was allowing a |
| 30 | backslash to escape a colon (unlike the OS), consequently allowing relative |
| 31 | paths to be considered safe if the PATH was set to something like C</\:.>. The |
| 32 | check has been fixed to treat C<.> as tainted in that example. |
| 33 | |
| 34 | =head1 Modules and Pragmata |
| 35 | |
| 36 | =head2 Updated Modules and Pragmata |
| 37 | |
| 38 | =over 4 |
| 39 | |
| 40 | =item * |
| 41 | |
| 42 | L<base> has been upgraded from version 2.23 to 2.23_01. |
| 43 | |
| 44 | =item * |
| 45 | |
| 46 | L<Module::CoreList> has been upgraded from version 5.20170114_24 to 5.20170715_24. |
| 47 | |
| 48 | =back |
| 49 | |
| 50 | =head1 Selected Bug Fixes |
| 51 | |
| 52 | =over 4 |
| 53 | |
| 54 | =item * |
| 55 | |
| 56 | Fixed a crash with C<s///l> where it thought it was dealing with UTF-8 when it |
| 57 | wasn't. |
| 58 | L<[perl #129038]|https://rt.perl.org/Ticket/Display.html?id=129038> |
| 59 | |
| 60 | =back |
| 61 | |
| 62 | =head1 Acknowledgements |
| 63 | |
| 64 | Perl 5.24.2 represents approximately 6 months of development since Perl 5.24.1 |
| 65 | and contains approximately 2,500 lines of changes across 53 files from 18 |
| 66 | authors. |
| 67 | |
| 68 | Excluding auto-generated files, documentation and release tools, there were |
| 69 | approximately 960 lines of changes to 17 .pm, .t, .c and .h files. |
| 70 | |
| 71 | Perl continues to flourish into its third decade thanks to a vibrant community |
| 72 | of users and developers. The following people are known to have contributed |
| 73 | the improvements that became Perl 5.24.2: |
| 74 | |
| 75 | Aaron Crane, Abigail, Aristotle Pagaltzis, Chris 'BinGOs' Williams, Dan |
| 76 | Collins, David Mitchell, Eric Herman, Father Chrysostomos, James E Keenan, Karl |
| 77 | Williamson, Lukas Mai, Renee Baecker, Ricardo Signes, Sawyer X, Stevan Little, |
| 78 | Steve Hay, Tony Cook, Yves Orton. |
| 79 | |
| 80 | The list above is almost certainly incomplete as it is automatically generated |
| 81 | from version control history. In particular, it does not include the names of |
| 82 | the (very much appreciated) contributors who reported issues to the Perl bug |
| 83 | tracker. |
| 84 | |
| 85 | Many of the changes included in this version originated in the CPAN modules |
| 86 | included in Perl's core. We're grateful to the entire CPAN community for |
| 87 | helping Perl to flourish. |
| 88 | |
| 89 | For a more complete list of all of Perl's historical contributors, please see |
| 90 | the F<AUTHORS> file in the Perl source distribution. |
| 91 | |
| 92 | =head1 Reporting Bugs |
| 93 | |
| 94 | If you find what you think is a bug, you might check the articles recently |
| 95 | posted to the comp.lang.perl.misc newsgroup and the perl bug database at |
| 96 | L<https://rt.perl.org/> . There may also be information at |
| 97 | L<http://www.perl.org/> , the Perl Home Page. |
| 98 | |
| 99 | If you believe you have an unreported bug, please run the L<perlbug> program |
| 100 | included with your release. Be sure to trim your bug down to a tiny but |
| 101 | sufficient test case. Your bug report, along with the output of C<perl -V>, |
| 102 | will be sent off to perlbug@perl.org to be analysed by the Perl porting team. |
| 103 | |
| 104 | If the bug you are reporting has security implications which make it |
| 105 | inappropriate to send to a publicly archived mailing list, then see |
| 106 | L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION> |
| 107 | for details of how to report the issue. |
| 108 | |
| 109 | =head1 SEE ALSO |
| 110 | |
| 111 | The F<Changes> file for an explanation of how to view exhaustive details on |
| 112 | what changed. |
| 113 | |
| 114 | The F<INSTALL> file for how to build Perl. |
| 115 | |
| 116 | The F<README> file for general stuff. |
| 117 | |
| 118 | The F<Artistic> and F<Copying> files for copyright information. |
| 119 | |
| 120 | =cut |