perl-5.42.0-160000.2.2

- update to 5.42.0
  * new pragma "source::encoding"
  * new ":writer" attribute on field variables
  * new "any" and "all" operators
  * lexical method declaration using "my method"
  * lexical method invocation operator "->&"
  * switch and Smart Match operator kept, behind a feature
  * unicode 16.0 supported
  * assigning logical xor "^^=" operator
  * many performance enhancements
- drop perl-dirdup.diff (included upstream)

- Replace usage of %jobs for reproducible builds (boo#1237231)
- Add perl-fixed-uname.patch to not store kernel version (boo#1230137)

- update to 5.40.2
  * fix heap buffer overflow with tr// [bsc#1241083] [CVE-2024-56406]

- Drop BerkeleyDB support from core perl [jsc#PED-12413]

- update to 5.40.1
  * fix strftime sometimes crashing if a non-string was used as argument
  * some functions in the builtin:: package would crash when used after
  a tail call
  * fix utf8n_to_uvchr sometimes failing to correctly identify certain
  invalid UTF-8 sequences as invalid.

- Insert manual provide for perl(Getopt::Long) until new version
  transition is done

- move UNIVERSAL.pm into perl-base

- update to 5.40.0
  * New __CLASS__ Keyword
  * :reader attribute for field variables
  * Permit a space in -M command-line option
  * Restrictions to use VERSION declarations
  * New builtin::inf and builtin::nan functions (experimental)
  * New ^^ logical xor operator
  * try/catch feature is no longer experimental
  * for iterating over multiple values at a time is no longer experimental
  * builtin module is no longer experimental
  * The :5.40 feature bundle adds try
  * use v5.40; imports builtin functions
  * CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
  * CVE-2023-47039 - Perl for Windows binary hijacking vulnerability
  * reset EXPR now calls set-magic on scalars
  * Calling the import method of an unknown package produces a warning
  * return no longer allows an indirect object
  * Class barewords no longer resolved as file handles in method calls
    under no feature "bareword_filehandles"
  * Using goto to jump from an outer scope into an inner scope is
    deprecated and will be removed completely in Perl 5.42. [GH #21601]
  * The negation OPs have been modified to support the generic TARGMY
    optimization. [GH #21442]
- Refresh perl-5.38.0.diff
- Drop perl-5.18.2-overflow.diff (no longer applicable)
- Drop perl-locale-backport.diff (proper fix in new version)
- Drop old manual package name based perl provides

- Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested
  by upstream perl
  * fixed locale being clobbered by perl [bsc#1220195]
  * new patch: perl-locale-backport.diff

- Fix various security issues in the study_chunk function
  [bnc#1171863] [CVE-2020-10543]
  [bnc#1171864] [CVE-2020-10878]
  [bnc#1171866] [CVE-2020-12723]
  new patch: perl-study.diff
- Comment out bad warning in features.ph file [bnc#1172348]

- Backport perl-fix2020.patch to make timelocal calls work in
  the year 2020 [bnc#1102840] [bnc#1160039]
  new patch: perl-fix2020.patch

- fix heap-based buffer overflow in regex
  [bnc#1114686] [CVE-2018-18314]
  new patch: perl-extended-charclass-assert.diff
- fix heap-buffer-overflow read if regex contains \0 chars
  [bnc#1114681] [CVE-2018-18313]
  new patch: perl-regcomp-strchr-memchr.diff
- fix reg_node overrun
  [bnc#1114675] [CVE-2018-18312]
  new patch: perl-reg-node-overrun.diff
- fix integer overflow with oversize environment
  [bnc#1114674] [CVE-2018-18311]
  new patch: perl-setenv-integer-wrap.diff

- fix Archive::Tar directory traversal vulnerability [bnc#1096718]
  [CVE-2018-12015]
  new patch: perl-archive-tar-dirtrav.diff

- Use %license (boo#1082318)

- posix-sigaction.patch: make sure Perl_sighandler is always installed
  with SA_SIGINFO (bsc#1064697)

- ignore make check transient errors for PowerPC
  that are reported since 20170907
  bypass boo#1063176
  new patch: perl_skip_flaky_tests_powerpc.patch

- Add perl-reproducible.patch to make build reproducible (boo#1047218)

- Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468)

- update to perl-5.26.1
  * [CVE-2017-12837] Heap buffer overflow in regular expression compiler
  * [CVE-2017-12883] Buffer over-read in regular expression parser
  * tons of bug fixes
- update list of obsoletes

- update to perl-5.26.0
  * "." no longer in @INC
  * "do" may now warn
  * regexp: a literal left brace "{" should be escaped
  * lexical subroutines are no longer experimental
  * indented Here-documents
  * new regular expression modifier /xx
  * declaring a reference to a variable
  * unicode 9.0 is now supported
  * new Hash Function For 64-bit Builds
- rename perl-5.24.0.dif to perl-5.26.0.dif
- remove obsolete perl-avoid-warnings.patch
- remove obsolete Compress-Raw-Zlib-2.071-zlib-1.2.11.patch

- Remove patch from previous commit, does not work:
  * Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch
- Add patch taken from upstream release instead:
  * Compress-Raw-Zlib-2.071-zlib-1.2.11.patch

- Fix building with zlib-1.2.10 (RT#119762):
  * Compress-Raw-Zlib-2.071-Adapt-tests-to-zlib-1.2.11.patch

- Update to perl-5.24.1
  - Di switch is now required for PerlIO debugging output
    Previously PerlIO debugging output would be sent to the file specified
    by the "PERLIO_DEBUG" environment variable if perl wasn't running setuid
    and the -T or -t switches hadn't been parsed yet.
    If perl performed output at a point where it hadn't yet parsed its
    switches this could result in perl creating or overwriting the file
    named by "PERLIO_DEBUG" even when the -T switch had been supplied.
    Perl now requires the -Di switch to produce PerlIO debugging output. By
    default this is written to "stderr", but can optionally be redirected to
    a file by setting the "PERLIO_DEBUG" environment variable.
    If perl is running setuid or the -T switch was supplied "PERLIO_DEBUG"
    is ignored and the debugging output is sent to "stderr" as for any other
  - D switch.
  Core modules and tools no longer search "." for optional modules
    The tools and many modules supplied in core no longer search the default
    current directory entry in @INC for optional modules. For example,
    Storable will remove the final "." from @INC before trying to load
    Log::Agent.
    This prevents an attacker injecting an optional module into a process
    run by another user where the current directory is writable by the
    attacker, e.g. the /tmp directory.
- Refresh patches

- Move parent.pm to perl-base, used by File::Temp

- Add perl-avoid-warnings.patch to fix a warning in cop.h, which
  breaks perf build due to -Werror. Already upstream.

- Update to perl-5.24.0
  * postfix dereferencing is no longer experimental
  * unicode 8.0 is now supported
  * perl will now croak when closing an in-place output file fails
  * new "\b{lb}" boundary in regular expressions
  * qr/(?[ ])/" now works in UTF-8 locales
  * integer shift ("<<" and ">>") now more explicitly defined
  * printf and sprintf now allow reordered precision arguments
  * more fields provided to "sigaction" callback with "SA_SIGINFO"
  * hashbang redirection to Perl 6
  * set proper umask before calling mkstemp(3)
  * fix loss of taint in canonpath
  * remove duplicate environment variables from "environ"
- rename patch perl-5.22.0.dif to perl-5.24.0.dif

- Update to perl-5.22.1
  * Several bugs, including a segmentation fault, have been fixed
    with the bounds checking constructs (introduced in Perl 5.22)
  * Module::CoreList has been upgraded from version 5.20150520 to
    5.20151213.
  * PerlIO::scalar has been upgraded from version 0.22 to 0.23.
  * POSIX has been upgraded from version 1.53 to 1.53_01.
  * Storable has been upgraded from version 2.53 to 2.53_01.
  * warnings has been upgraded from version 1.32 to 1.34.
  * See perldelta.pod for all the changes.
- Update perl-5.22.0.dif stop patching CPAN.pm, it was MacOS only
  and was breaking tests (due to SHA-1 mismatch).

- fix perl_gen_filelist macro to not fail on foo.1 man page

- prevent bad RPM provides for Math::BigInt and DB
  (patch file perl-5.22.0_wrong_rpm_provides.diff)

- Stabilize Socket::VERSION comparisons [bnc#1193489]
  new patch: perl-Stabilize-Socket-VERSION-comparisons.patch

- Split DB_File module into a seperate perl-core-DB_File package
  [jsc#SLE-12212]
  * add Recommends: perl-core-DB_File to the perl package
- Fix build with newer glibc versions
  new patch: perl-saltbits.diff

- do not change the current directory when cloning an open
  directory handle [bnc#1244079] [CVE-2025-40909]
  new patch: perl-dirdup.diff

- fix space calculation issues in pp_pack.c [bnc#1082216]
  [CVE-2018-6913]
  * new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
  [CVE-2018-6798]
  new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
  new patch: perl-net-ftp-tls13.diff

- enable TLS cert verification in CPAN [bnc#1210999] [CVE-2023-31484]
  new patch: perl-cpan_verify_cert.diff

- fix File::Path rmtree/remove_tree race condition
  [bnc#1047178] [CVE-2017-6512]
  new patch: perl-file_path_rmtree_fchmod.diff