openwrt-packages-dist

25723 Commits

1 Branch

46 MiB

Commit Graph

Author	SHA1	Message	Date
Philip Prindeville	4a94479f96	perl: update to 5.26.1 Required changes: * Add qualifying '.' to scripts or to @INC, as appropriate since we're enabling default_inc_excludes_dot; * Add new platform/library definitions like double-double format and locale library functions/headers; * Delete patch 020 as it's been upstreamed; Optional changes: * Instead of using -@rm and having that fail, emit an error message, and be ignored, just use @rm -f instead which will always succeed. Security [CVE-2017-12837] Heap buffer overflow in regular expression compiler Compiling certain regular expression patterns with the case-insensitive modifier could cause a heap buffer overflow and crash perl. This has now been fixed. [perl #131582] [CVE-2017-12883] Buffer over-read in regular expression parser For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. This has now been fixed. [perl #131598] [CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. [perl #131665] Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	7 years ago
Marcel Denia	afad970139	perl: Switch to split configuration files This replaces the previously used collection of configuration files for every single architecture in conjunction with hacky overrides, which became an increasing burden to maintain. Fixes a number of outstanding bugs and oddities, with the most important one being the previously wrong signal order(as shown by ext/POSIX/t/sigaction.t). See files/perlconfig.pl's POD and files/README.config for details. Signed-off-by: Marcel Denia <naoir@gmx.net>	9 years ago

Author

SHA1

Message

Date

Philip Prindeville

4a94479f96

perl: update to 5.26.1

Required changes:

* Add qualifying '.' to scripts or to @INC, as appropriate since we're
  enabling default_inc_excludes_dot;

* Add new platform/library definitions like double-double format and
  locale library functions/headers;

* Delete patch 020 as it's been upstreamed;

Optional changes:

* Instead of using -@rm and having that fail, emit an error message,
  and be ignored, just use @rm -f instead which will always succeed.

Security
[CVE-2017-12837] Heap buffer overflow in regular expression compiler

Compiling certain regular expression patterns with the case-insensitive
modifier could cause a heap buffer overflow and crash perl. This has
now been fixed. [perl #131582]

[CVE-2017-12883] Buffer over-read in regular expression parser

For certain types of syntax error in a regular expression pattern, the
error message could either contain the contents of a random, possibly
large, chunk of memory, or could crash perl. This has now been fixed.
[perl #131598]

[CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows

A possible stack buffer overflow in the %ENV code on Windows has been
fixed by removing the buffer completely since it was superfluous anyway.
[perl #131665]

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

7 years ago

Marcel Denia

afad970139

perl: Switch to split configuration files

This replaces the previously used collection of configuration files for every single
architecture in conjunction with hacky overrides, which became an increasing burden to maintain.

Fixes a number of outstanding bugs and oddities, with the most important one being the
previously wrong signal order(as shown by ext/POSIX/t/sigaction.t).

See files/perlconfig.pl's POD and files/README.config for details.

Signed-off-by: Marcel Denia <naoir@gmx.net>

9 years ago

2 Commits (c62586b417cd5b6ccbbd095691f67e138f029477)