[ this is a template for a new perldelta file. Any text flagged as XXX needs
to be processed before release. ]
-perldelta - what is new for perl v5.23.6
+perldelta - what is new for perl v5.23.7
=head1 DESCRIPTION
-This document describes differences between the 5.23.5 release and the 5.23.6
+This document describes differences between the 5.23.6 release and the 5.23.7
release.
-If you are upgrading from an earlier release such as 5.23.4, first read
-L<perl5235delta>, which describes differences between 5.23.4 and 5.23.5.
+If you are upgrading from an earlier release such as 5.23.5, first read
+L<perl5236delta>, which describes differences between 5.23.5 and 5.23.6.
=head1 Notice
=head1 Security
-XXX Any security-related notices go here. In particular, any security
-vulnerabilities closed should be noted here rather than in the
-L</Selected Bug Fixes> section.
+=head2 fix out of boundary access in Win32 path handling
-[ List each security issue as a =head2 entry ]
+This is CVE-2015-8608. For more information see
+L<[perl #126755]|https://rt.perl.org/Ticket/Display.html?id=126755>
+
+=head2 fix loss of taint in canonpath
+
+This is CVE-2015-8607. For more information see
+L<[perl #126862]|https://rt.perl.org/Ticket/Display.html?id=126862>
=head1 Incompatible Changes
-=head2 Some regular expression patterns that had runtime errors now
-don't compile at all
+XXX For a release on a stable branch, this section aspires to be:
+
+ There are no changes intentionally incompatible with 5.XXX.XXX
+ If any exist, they are bugs, and we request that you submit a
+ report. See L</Reporting Bugs> below.
-This should have been in the perldelta for 5.23.4, but was omitted.
+[ List each incompatible change as a =head2 entry ]
-Almost all Unicode properties using the C<\p{}> and C<\P{}> regular
-expression pattern constructs are now checked for validity at pattern
-compilation time, and invalid ones will cause the program to not
-compile. In earlier releases, this check was often deferred until run
-time. Whenever an error check is moved from run- to compile time,
-erroneous code is caught 100% of the time, whereas before it would only
-get caught if and when the offending portion actually gets executed,
-which for unreachable code might be never.
+=head2 C<qr/\b{wb}/> is now tailored to Perl expectations
+
+This is now more suited to be a drop-in replacement for plain C<\b>, but
+giving better results for parsing natural language. Previously it
+strictly followed the current Unicode rules which calls for it to match
+between each white space character. Now it doesn't generally match
+within spans of white space, behaving like C<\b> does. See
+L<perlrebackslash/\b{wb}>
=head1 Deprecations
[ List each other deprecation as a =head2 entry ]
-=head2 Using code points above the platform's C<IV_MAX> is now
-deprecated
-
-Unicode defines code points in the range C<0..0x10FFFF>. Some standards
-at one time defined them up to 2**31 - 1, but Perl has allowed them to
-be as high as anything that will fit in a word on the platform being
-used. However, use of those above the platform's C<IV_MAX> is broken in
-some constructs, notably C<tr///>, regular expression patterns involving
-quantifiers, and in some arithmetic and comparison operations, such as
-being the upper limit of a loop. Now the use of such code points raises
-a deprecation warning, unless that warning category is turned off.
-C<IV_MAX> is typically 2**31 -1 on 32-bit platforms, and 2**63-1 on
-64-bit ones.
-
-=head2 Doing bitwise operations on strings containing code points above
-0xFF is deprecated
-
-The string bitwise operators treat their operands as strings of bytes,
-and values beyond 0xFF are nonsensical in this context. To operate on
-encoded bytes, first encode the strings. To operate on code points'
-numeric values, use C<split> and C<map ord>. In the future, this
-warning will be replaced by an exception.
-
=head1 Performance Enhancements
XXX Changes which enhance performance without changing behaviour go here.
=item *
-L<B::Deparse> has been upgraded from version 1.35 to 1.36.
-
-Uses of C<< < > >> are now always deparsed as either C<glob()> or
-C<readline()>, and uses of C<glob()> or C<readline()> are never deparsed as
-C<< < > >>. This fixes the deparsing of C<readline ${"a"}>.
-[perl #116677]
-
-=item *
-
-L<Data::Dumper> has been upgraded from version 2.158 to 2.159.
-
-This adds a "Trailingcomma" option, which when enabled adds a trailing comma
-after the last element of dumped arrays and hashes that would otherwise be
-followed immediately by a line break. [perl #126813]
-
-=item *
-
-L<DynaLoader> has been upgraded from version 1.36 to 1.37.
-
-Fixed an else nesting issue in dynamic loading support for OS/390 (and
-similar systems) that was introduced in 1.36.
+L<Module::CoreList> has been upgraded from version 5.20151220 to 5.20160120.
=item *
-L<utf8> has been upgraded from version 1.17 to 1.18.
-
-Partly reverted a micro-optimization to F<lib/utf_heavy.pl> that
-caused self-recursion when it was loaded with C<${^ENCODING}> set.
-[perl #126593]
-
-=item *
-
-The modules L<sigtrap>, L<DB>, and the perl debugger could have under
-rare circumstances, without you expecting it, output containing raw
-control characters. This has been fixed.
+The F<cpan/podlators/> bundle has been upgraded from version 2.28 to 4.04.
=back
=item *
-L<message|perldiag/"Invalid number '%s' for -C option.">
-
-(F) You supplied a number to the -C option that either has extra leading
-zeroes or overflows perl's unsigned integer representation.
-
+XXX L<message|perldiag/"message">
=back
=item *
-XXX Describe change here
+Accessing the C<IO> part of a glob as C<FILEHANDLE> instead of C<IO> is no
+longer deprecated. It is discouraged to encourage uniformity (so that, for
+example, one can grep more easily) but it will not be removed. [perl #127060]
=back
=item *
-F<make_ext.pl> is no longer inappropriately silent. This was caused
-by an operator precedence error introduced in 5.23.4.
+F<Configure> no longer probes for F<libnm> by default. Originally
+this was the "New Math" library, but the name has been re-used by the
+GNOME NetworkManager. [perl #127131]
=back
[ Within the sections, list each platform as a =item entry with specific
changes as paragraphs below it. ]
-=over 4
-
-=item All Solaris now builds shared libperl
-
-Solaris and variants like OpenIndiana now always build with the shared
-Perl library (Configure -Duseshrplib). This was required for the
-OpenIndiana builds, but this has also been the setting for Oracle/Sun
-Perl builds for several years.
-
-=back
-
=head2 New Platforms
XXX List any platforms that this version of perl compiles on, that previous
=over 4
-=item OpenIndiana
+=item XXX-some-platform
-OpenIndiana (continuation of OpenSolaris) builds were not working due
-to problems with the Perl shared library. This should be working now.
-L<[perl #126958]|https://rt.perl.org/Ticket/Display.html?id=126958>
+XXX
=back
=over 4
-=item EBCDIC platforms, such as z/OS
-
-UTF-EBCDIC is like UTF-8, but for EBCDIC platforms. It now has been
-extended so that it can represent code points up to 2 ** 64 - 1 on
-platforms with 64-bit words. This brings it into parity with UTF-8.
-This enhancement requires an incompatible change to the representation
-of code points in the range 2 ** 30 to 2 ** 31 -1 (the latter was the
-previous maximum representable code point). This means that a file that
-contains one of these code points, written out with previous versions of
-perl cannot be read in, without conversion, by a perl containing this
-change. We do not believe any such files are in existence, but if you
-do have one, submit a ticket at L<mailto:perlbug@perl.org>, and we will
-write a conversion script for you.
-
-=item OS X/Darwin
-
-Builds with both -DDEBUGGING and threading enabled would fail with a
-"panic: free from wrong pool" error when built or tested from Terminal
-on OS X. This was caused by perl's internal management of the
-environment conflicting with an atfork handler using the libc
-setenv() function to update the environment.
-
-Perl now uses setenv()/unsetenv() to update the environment on OS X.
-[perl #126240]
-
-=item ppc64el floating point
+=item XXX-some-platform
-The floating point format of ppc64el (Debian naming for little-endian
-PowerPC) is now detected correctly.
+XXX
=back
=item *
-Perl core code and the threads extension have been annotated so that
-if Perl is configured to use threads, during compile-time clang (3.6
-or later) will warn about suspicious uses of mutexes.
-See L<http://clang.llvm.org/docs/ThreadSafetyAnalysis.html> for more
-information.
-
-=item *
-
-The signbit() emulation has been enhanced. This will help older
-and/or more exotic platforms or configurations.
+XXX
=back
=item *
-C</...\G/> no longer crashes on utf8 strings. When C<\G> is a fixed number
-of characters from the start of the regex, perl needs to count back that
-many characters from the current C<pos()> position and start matching from
-there. However, it was counting back bytes rather than characters, which
-could lead to panics on utf8 strings.
-
-=item *
-
-In some cases operators that return integers would return negative
-integers as large positive integers. [perl #126635]
+A regression that allowed undeclared barewords as hash keys to work despite
+strictures has been fixed. [perl #126981]
=item *
-The pipe() operator would assert for DEBUGGING builds instead of
-producing the correct error message. The condition asserted on is
-detected and reported on correctly without the assertions, so the
-assertions were removed. [perl #126480]
+Calls to the placeholder C<&PL_sv_yes> used internally when an
+import() or unimport() method isn't found now correctly handle scalar
+context. [perl #126042]
=item *
-In some cases, failing to parse a here-doc would attempt to use freed
-memory. This was caused by a pointer not being restored correctly.
-[perl #126443]
+Fixed some problems introduced in 5.23.2 with list assignment dealing
+with magic and XS functions returning their arguments. [perl #126633]
=item *
-C<< @x = sort { *a = 0; $a <=> $b } 0 .. 1 >> no longer frees the GP
-for *a before restoring its SV slot. [perl #124097]
+Report more context when we see an array where we expect to see an
+operator and avoid an assertion failure. [perl #123737]
=item *
-Multiple problems with the new hexadecimal floating point printf
-format C<%a> were fixed:
-L<[perl #126582]|https://rt.perl.org/Ticket/Display.html?id=126582>,
-L<[perl #126586]|https://rt.perl.org/Ticket/Display.html?id=126586>,
-L<[perl #126822]|https://rt.perl.org/Ticket/Display.html?id=126822>
+Modifying an array that was previously a package C<@ISA> no longer
+causes assertion failures or crashes. [perl #123788]
=back
XXX Generate this with:
- perl Porting/acknowledgements.pl v5.23.5..HEAD
+ perl Porting/acknowledgements.pl v5.23.6..HEAD
=head1 Reporting Bugs
https://perl5.git.perl.org / perl5.git / blobdiff