summaryrefslogtreecommitdiffstats
path: root/upstream/mageia-cauldron/man1/perl5223delta.1
diff options
context:
space:
mode:
Diffstat (limited to 'upstream/mageia-cauldron/man1/perl5223delta.1')
-rw-r--r--upstream/mageia-cauldron/man1/perl5223delta.1289
1 files changed, 289 insertions, 0 deletions
diff --git a/upstream/mageia-cauldron/man1/perl5223delta.1 b/upstream/mageia-cauldron/man1/perl5223delta.1
new file mode 100644
index 00000000..34bda697
--- /dev/null
+++ b/upstream/mageia-cauldron/man1/perl5223delta.1
@@ -0,0 +1,289 @@
+.\" -*- mode: troff; coding: utf-8 -*-
+.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
+.ie n \{\
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{\
+. if \nF \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+. \}
+.\}
+.rr rF
+.\" ========================================================================
+.\"
+.IX Title "PERL5223DELTA 1"
+.TH PERL5223DELTA 1 2023-11-28 "perl v5.38.2" "Perl Programmers Reference Guide"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH NAME
+perl5223delta \- what is new for perl v5.22.3
+.SH DESCRIPTION
+.IX Header "DESCRIPTION"
+This document describes differences between the 5.22.2 release and the 5.22.3
+release.
+.PP
+If you are upgrading from an earlier release such as 5.22.1, first read
+perl5222delta, which describes differences between 5.22.1 and 5.22.2.
+.SH Security
+.IX Header "Security"
+.SS "\fB\-Di\fP switch is now required for PerlIO debugging output"
+.IX Subsection "-Di switch is now required for PerlIO debugging output"
+Previously PerlIO debugging output would be sent to the file specified by the
+\&\f(CW\*(C`PERLIO_DEBUG\*(C'\fR environment variable if perl wasn't running setuid and the
+\&\fB\-T\fR or \fB\-t\fR switches hadn't been parsed yet.
+.PP
+If perl performed output at a point where it hadn't yet parsed its switches
+this could result in perl creating or overwriting the file named by
+\&\f(CW\*(C`PERLIO_DEBUG\*(C'\fR even when the \fB\-T\fR switch had been supplied.
+.PP
+Perl now requires the \fB\-Di\fR switch to produce PerlIO debugging output. By
+default this is written to \f(CW\*(C`stderr\*(C'\fR, but can optionally be redirected to a
+file by setting the \f(CW\*(C`PERLIO_DEBUG\*(C'\fR environment variable.
+.PP
+If perl is running setuid or the \fB\-T\fR switch was supplied \f(CW\*(C`PERLIO_DEBUG\*(C'\fR is
+ignored and the debugging output is sent to \f(CW\*(C`stderr\*(C'\fR as for any other \fB\-D\fR
+switch.
+.SS "Core modules and tools no longer search \fI"".""\fP for optional modules"
+.IX Subsection "Core modules and tools no longer search ""."" for optional modules"
+The tools and many modules supplied in core no longer search the default
+current directory entry in \f(CW@INC\fR for optional modules. For
+example, Storable will remove the final \fI"."\fR from \f(CW@INC\fR before trying to
+load Log::Agent.
+.PP
+This prevents an attacker injecting an optional module into a process run by
+another user where the current directory is writable by the attacker, e.g. the
+\&\fI/tmp\fR directory.
+.PP
+In most cases this removal should not cause problems, but difficulties were
+encountered with base, which treats every module name supplied as optional.
+These difficulties have not yet been resolved, so for this release there are no
+changes to base. We hope to have a fix for base in Perl 5.22.4.
+.PP
+To protect your own code from this attack, either remove the default \fI"."\fR
+entry from \f(CW@INC\fR at the start of your script, so:
+.PP
+.Vb 3
+\& #!/usr/bin/perl
+\& use strict;
+\& ...
+.Ve
+.PP
+becomes:
+.PP
+.Vb 4
+\& #!/usr/bin/perl
+\& BEGIN { pop @INC if $INC[\-1] eq \*(Aq.\*(Aq }
+\& use strict;
+\& ...
+.Ve
+.PP
+or for modules, remove \fI"."\fR from a localized \f(CW@INC\fR, so:
+.PP
+.Vb 1
+\& my $can_foo = eval { require Foo; }
+.Ve
+.PP
+becomes:
+.PP
+.Vb 5
+\& my $can_foo = eval {
+\& local @INC = @INC;
+\& pop @INC if $INC[\-1] eq \*(Aq.\*(Aq;
+\& require Foo;
+\& };
+.Ve
+.SH "Incompatible Changes"
+.IX Header "Incompatible Changes"
+Other than the security changes above there are no changes intentionally
+incompatible with Perl 5.22.2. If any exist, they are bugs, and we request
+that you submit a report. See "Reporting Bugs" below.
+.SH "Modules and Pragmata"
+.IX Header "Modules and Pragmata"
+.SS "Updated Modules and Pragmata"
+.IX Subsection "Updated Modules and Pragmata"
+.IP \(bu 4
+Archive::Tar has been upgraded from version 2.04 to 2.04_01.
+.IP \(bu 4
+bignum has been upgraded from version 0.39 to 0.39_01.
+.IP \(bu 4
+CPAN has been upgraded from version 2.11 to 2.11_01.
+.IP \(bu 4
+Digest has been upgraded from version 1.17 to 1.17_01.
+.IP \(bu 4
+Digest::SHA has been upgraded from version 5.95 to 5.95_01.
+.IP \(bu 4
+Encode has been upgraded from version 2.72 to 2.72_01.
+.IP \(bu 4
+ExtUtils::Command has been upgraded from version 1.20 to 1.20_01.
+.IP \(bu 4
+ExtUtils::MakeMaker has been upgraded from version 7.04_01 to 7.04_02.
+.IP \(bu 4
+File::Fetch has been upgraded from version 0.48 to 0.48_01.
+.IP \(bu 4
+File::Spec has been upgraded from version 3.56_01 to 3.56_02.
+.IP \(bu 4
+HTTP::Tiny has been upgraded from version 0.054 to 0.054_01.
+.IP \(bu 4
+IO has been upgraded from version 1.35 to 1.35_01.
+.IP \(bu 4
+The IO-Compress modules have been upgraded from version 2.068 to 2.068_001.
+.IP \(bu 4
+IPC::Cmd has been upgraded from version 0.92 to 0.92_01.
+.IP \(bu 4
+JSON::PP has been upgraded from version 2.27300 to 2.27300_01.
+.IP \(bu 4
+Locale::Maketext has been upgraded from version 1.26 to 1.26_01.
+.IP \(bu 4
+Locale::Maketext::Simple has been upgraded from version 0.21 to 0.21_01.
+.IP \(bu 4
+Memoize has been upgraded from version 1.03 to 1.03_01.
+.IP \(bu 4
+Module::CoreList has been upgraded from version 5.20160429 to 5.20170114_22.
+.IP \(bu 4
+Net::Ping has been upgraded from version 2.43 to 2.43_01.
+.IP \(bu 4
+Parse::CPAN::Meta has been upgraded from version 1.4414 to 1.4414_001.
+.IP \(bu 4
+Pod::Html has been upgraded from version 1.22 to 1.2201.
+.IP \(bu 4
+Pod::Perldoc has been upgraded from version 3.25 to 3.25_01.
+.IP \(bu 4
+Storable has been upgraded from version 2.53_01 to 2.53_02.
+.IP \(bu 4
+Sys::Syslog has been upgraded from version 0.33 to 0.33_01.
+.IP \(bu 4
+Test has been upgraded from version 1.26 to 1.26_01.
+.IP \(bu 4
+Test::Harness has been upgraded from version 3.35 to 3.35_01.
+.IP \(bu 4
+XSLoader has been upgraded from version 0.20 to 0.20_01, fixing a security
+hole in which binary files could be loaded from a path outside of \f(CW@INC\fR.
+[GH #15418] <https://github.com/Perl/perl5/issues/15418>
+.SH Documentation
+.IX Header "Documentation"
+.SS "Changes to Existing Documentation"
+.IX Subsection "Changes to Existing Documentation"
+\fIperlapio\fR
+.IX Subsection "perlapio"
+.IP \(bu 4
+The documentation of \f(CW\*(C`PERLIO_DEBUG\*(C'\fR has been updated.
+.PP
+\fIperlrun\fR
+.IX Subsection "perlrun"
+.IP \(bu 4
+The new \fB\-Di\fR switch has been documented, and the documentation of
+\&\f(CW\*(C`PERLIO_DEBUG\*(C'\fR has been updated.
+.SH Testing
+.IX Header "Testing"
+.IP \(bu 4
+A new test script, \fIt/run/switchDx.t\fR, has been added to test that the new
+\&\fB\-Di\fR switch is working correctly.
+.SH "Selected Bug Fixes"
+.IX Header "Selected Bug Fixes"
+.IP \(bu 4
+The \f(CW\*(C`PadlistNAMES\*(C'\fR macro is an lvalue again.
+.SH Acknowledgements
+.IX Header "Acknowledgements"
+Perl 5.22.3 represents approximately 9 months of development since Perl 5.22.2
+and contains approximately 4,400 lines of changes across 240 files from 20
+authors.
+.PP
+Excluding auto-generated files, documentation and release tools, there were
+approximately 2,200 lines of changes to 170 .pm, .t, .c and .h files.
+.PP
+Perl continues to flourish into its third decade thanks to a vibrant community
+of users and developers. The following people are known to have contributed
+the improvements that became Perl 5.22.3:
+.PP
+Aaron Crane, Abigail, Alex Vandiver, Aristotle Pagaltzis, Chad Granum, Chris
+\&'BinGOs' Williams, Craig A. Berry, David Mitchell, Father Chrysostomos, James E
+Keenan, Jarkko Hietaniemi, Karen Etheridge, Karl Williamson, Matthew Horsfall,
+Niko Tyni, Ricardo Signes, Sawyer X, Stevan Little, Steve Hay, Tony Cook.
+.PP
+The list above is almost certainly incomplete as it is automatically generated
+from version control history. In particular, it does not include the names of
+the (very much appreciated) contributors who reported issues to the Perl bug
+tracker.
+.PP
+Many of the changes included in this version originated in the CPAN modules
+included in Perl's core. We're grateful to the entire CPAN community for
+helping Perl to flourish.
+.PP
+For a more complete list of all of Perl's historical contributors, please see
+the \fIAUTHORS\fR file in the Perl source distribution.
+.SH "Reporting Bugs"
+.IX Header "Reporting Bugs"
+If you find what you think is a bug, you might check the articles recently
+posted to the comp.lang.perl.misc newsgroup and the Perl bug database at
+https://rt.perl.org/ . There may also be information at http://www.perl.org/ ,
+the Perl Home Page.
+.PP
+If you believe you have an unreported bug, please run the perlbug program
+included with your release. Be sure to trim your bug down to a tiny but
+sufficient test case. Your bug report, along with the output of \f(CW\*(C`perl \-V\*(C'\fR,
+will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
+.PP
+If the bug you are reporting has security implications, which make it
+inappropriate to send to a publicly archived mailing list, then please send it
+to perl5\-security\-report@perl.org. This points to a closed subscription
+unarchived mailing list, which includes all the core committers, who will be
+able to help assess the impact of issues, figure out a resolution, and help
+co-ordinate the release of patches to mitigate or fix the problem across all
+platforms on which Perl is supported. Please only use this address for
+security issues in the Perl core, not for modules independently distributed on
+CPAN.
+.SH "SEE ALSO"
+.IX Header "SEE ALSO"
+The \fIChanges\fR file for an explanation of how to view exhaustive details on
+what changed.
+.PP
+The \fIINSTALL\fR file for how to build Perl.
+.PP
+The \fIREADME\fR file for general stuff.
+.PP
+The \fIArtistic\fR and \fICopying\fR files for copyright information.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 02:00:32 +0000