* Tue Jun 09 2020 mls@suse.de
- Fix various security issues in the study_chunk function
[bnc#1171863] [CVE-2020-10543]
[bnc#1171864] [CVE-2020-10878]
[bnc#1171866] [CVE-2020-12723]
new patch: perl-study.diff
- Comment out bad warning in features.ph file [bnc#1172348]
* Wed May 10 2017 mpluskal@suse.com
- Fix building with zlib-1.2.10 (RT#119762):
* Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch
* Wed May 03 2017 coolo@suse.com
- Update to perl-5.24.1
- Di switch is now required for PerlIO debugging output
Previously PerlIO debugging output would be sent to the file specified
by the "PERLIO_DEBUG" environment variable if perl wasn't running setuid
and the -T or -t switches hadn't been parsed yet.
If perl performed output at a point where it hadn't yet parsed its
switches this could result in perl creating or overwriting the file
named by "PERLIO_DEBUG" even when the -T switch had been supplied.
Perl now requires the -Di switch to produce PerlIO debugging output. By
default this is written to "stderr", but can optionally be redirected to
a file by setting the "PERLIO_DEBUG" environment variable.
If perl is running setuid or the -T switch was supplied "PERLIO_DEBUG"
is ignored and the debugging output is sent to "stderr" as for any other
- D switch.
Core modules and tools no longer search "." for optional modules
The tools and many modules supplied in core no longer search the default
current directory entry in @INC for optional modules. For example,
Storable will remove the final "." from @INC before trying to load
Log::Agent.
This prevents an attacker injecting an optional module into a process
run by another user where the current directory is writable by the
attacker, e.g. the /tmp directory.
- Refresh patches
* Sun Jun 26 2016 schwab@suse.de
- Move parent.pm to perl-base, used by File::Temp
* Thu Jun 02 2016 idonmez@suse.com
- Add perl-avoid-warnings.patch to fix a warning in cop.h, which
breaks perf build due to -Werror. Already upstream.
* Tue May 10 2016 mls@suse.de
- Update to perl-5.24.0
* postfix dereferencing is no longer experimental
* unicode 8.0 is now supported
* perl will now croak when closing an in-place output file fails
* new "\b{lb}" boundary in regular expressions
* qr/(?[ ])/" now works in UTF-8 locales
* integer shift ("<<" and ">>") now more explicitly defined
* printf and sprintf now allow reordered precision arguments
* more fields provided to "sigaction" callback with "SA_SIGINFO"
* hashbang redirection to Perl 6
* set proper umask before calling mkstemp(3)
* fix loss of taint in canonpath
* remove duplicate environment variables from "environ"
- rename patch perl-5.22.0.dif to perl-5.24.0.dif
* Fri Feb 12 2016 idonmez@suse.com
- Update to perl-5.22.1
* Several bugs, including a segmentation fault, have been fixed
with the bounds checking constructs (introduced in Perl 5.22)
* Module::CoreList has been upgraded from version 5.20150520 to
5.20151213.
* PerlIO::scalar has been upgraded from version 0.22 to 0.23.
* POSIX has been upgraded from version 1.53 to 1.53_01.
* Storable has been upgraded from version 2.53 to 2.53_01.
* warnings has been upgraded from version 1.32 to 1.34.
* See perldelta.pod for all the changes.
- Update perl-5.22.0.dif stop patching CPAN.pm, it was MacOS only
and was breaking tests (due to SHA-1 mismatch).
* Thu Jan 07 2016 bwiedemann@suse.com
- fix perl_gen_filelist macro to not fail on foo.1 man page
* Mon Dec 07 2015 opensuse@dstoecker.de
- prevent bad RPM provides for Math::BigInt and DB
(patch file perl-5.22.0_wrong_rpm_provides.diff)