-
perl (5.26.2-7ubuntu0.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Integer overflow leading to buffer overflow
- debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
util.c.
- CVE-2018-18311
* SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun
- debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c.
- CVE-2018-18312
* SECURITY UPDATE: Heap-buffer-overflow read
- debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
memchr in regcomp.c.
- CVE-2018-18313
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t.
- CVE-2018-18314
-- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:05:42 -0500
-
perl (5.26.2-7) unstable; urgency=medium
* Temporarily skip GDBM_File fatal.t for gdbm >= 1.15 compatibility.
(Closes: #904005)
-- Niko Tyni <email address hidden> Sun, 12 Aug 2018 11:26:41 +0300
-
perl (5.26.2-6) unstable; urgency=high
* [SECURITY] CVE-2018-12015: fix directory traversal vulnerability
in Archive-Tar (Closes: #900834)
-- Dominic Hargreaves <email address hidden> Sat, 09 Jun 2018 13:38:44 +0100
-
perl (5.26.2-5) unstable; urgency=medium
[ Dominic Hargreaves ]
* Remove Breaks and Conflicts entries relating to packages which were
fixed in oldstable or before
[ Niko Tyni ]
* autopkgtest improvements:
+ add a missing Testsuite header
+ run a syntax check on (almost) all the Perl modules we ship
+ verify that perl-base stays self contained
* Move Provides entries from libperl5.26 and perl-modules-5.26 to perl.
(Closes: #899110)
-- Niko Tyni <email address hidden> Sat, 19 May 2018 19:05:17 +0300
-
perl (5.26.2-4) unstable; urgency=medium
* Add cross build support files for riscv64.
* Add Breaks/Replaces/Provides for libb-debug-perl.
* Add rudimentary autopkgtest regression checks. (Closes: #782760)
-- Niko Tyni <email address hidden> Fri, 18 May 2018 17:13:34 +0300
-
perl (5.26.2-3) unstable; urgency=medium
[ Dominic Hargreaves ]
* Update Vcs-* fields to point to salsa
[ Niko Tyni ]
* Refresh cross build support files for most Debian architectures.
(Closes: #895992)
* Increase test timeout of t/re/fold_grind.t on riscv64.
(Closes: #896827)
-- Niko Tyni <email address hidden> Wed, 25 Apr 2018 19:55:24 +0300
-
perl (5.26.1-6) unstable; urgency=high
* [SECURITY] CVE-2018-6797: buffer overflow related to regex
unicode semantics.
* [SECURITY] CVE-2018-6798: heap buffer overflow when matching
malformed UTF-8 characters.
* [SECURITY] CVE-2018-6913: heap buffer overflow with large data blocks.
-- Niko Tyni <email address hidden> Sat, 10 Mar 2018 20:40:42 +0200
