#
1.35 |
|
14-May-2024 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.38.2 dist
ok gkoehler@ Commit and we'll fix fallout bluhm@ Right away, please deraadt@
|
Revision tags: OPENBSD_7_5_BASE
|
#
1.34 |
|
26-Nov-2023 |
afresh1 |
Fix read/write past buffer end
From upstream commit:
From 7047915eef37fccd93e7cd985c29fe6be54650b6 Mon Sep 17 00:00:00 2001 From: Karl Williamson <khw@cpan.org> Date: Sat, 9 Sep 2023 11:59:09 -0600 Subject: [PATCH] Fix read/write past buffer end: perl-security#140
A package name may be specified in a \p{...} regular expression construct. If unspecified, "utf8::" is assumed, which is the package all official Unicode properties are in. By specifying a different package, one can create a user-defined property with the same unqualified name as a Unicode one. Such a property is defined by a sub whose name begins with "Is" or "In", and if the sub wishes to refer to an official Unicode property, it must explicitly specify the "utf8::". S_parse_uniprop_string() is used to parse the interior of both \p{} and the user-defined sub lines.
In S_parse_uniprop_string(), it parses the input "name" parameter, creating a modified copy, "lookup_name", malloc'ed with the same size as "name". The modifications are essentially to create a canonicalized version of the input, with such things as extraneous white-space stripped off. I found it convenient to strip off the package specifier "utf8::". To to so, the code simply pretends "lookup_name" begins just after the "utf8::", and adjusts various other values to compensate. However, it missed the adjustment of one required one.
This is only a problem when the property name begins with "perl" and isn't "perlspace" nor "perlword". All such ones are undocumented internal properties.
What happens in this case is that the input is reparsed with slightly different rules in effect as to what is legal versus illegal. The problem is that "lookup_name" no longer is pointing to its initial value, but "name" is. Thus the space allocated for filling "lookup_name" is now shorter than "name", and as this shortened "lookup_name" is filled by copying suitable portions of "name", the write can be to unallocated space.
The solution is to skip the "utf8::" when reparsing "name". Then both "lookup_name" and "name" are effectively shortened by the same amount, and there is no going off the end.
This commit also does white-space adjustment so that things align vertically for readability.
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.33 |
|
15-Feb-2023 |
afresh1 |
branches: 1.33.2; 1.33.4; Apply local patches - perl-5.36.0
OK bluhm@ a good time naddy@
|
#
1.32 |
|
15-Feb-2023 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.36.0 dist
OK bluhm@ a good time naddy@
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.31 |
|
01-Mar-2021 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.32.1 dist
OK sthen@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.30 |
|
01-Jun-2020 |
afresh1 |
Fix various overflows and state corruption in perl
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup), Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses: * CVE-2020-10543 * CVE-2020-10878 * CVE-2020-12723
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
branches: 1.29.4; Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
branches: 1.27.4; Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.34 |
|
26-Nov-2023 |
afresh1 |
Fix read/write past buffer end
From upstream commit:
From 7047915eef37fccd93e7cd985c29fe6be54650b6 Mon Sep 17 00:00:00 2001 From: Karl Williamson <khw@cpan.org> Date: Sat, 9 Sep 2023 11:59:09 -0600 Subject: [PATCH] Fix read/write past buffer end: perl-security#140
A package name may be specified in a \p{...} regular expression construct. If unspecified, "utf8::" is assumed, which is the package all official Unicode properties are in. By specifying a different package, one can create a user-defined property with the same unqualified name as a Unicode one. Such a property is defined by a sub whose name begins with "Is" or "In", and if the sub wishes to refer to an official Unicode property, it must explicitly specify the "utf8::". S_parse_uniprop_string() is used to parse the interior of both \p{} and the user-defined sub lines.
In S_parse_uniprop_string(), it parses the input "name" parameter, creating a modified copy, "lookup_name", malloc'ed with the same size as "name". The modifications are essentially to create a canonicalized version of the input, with such things as extraneous white-space stripped off. I found it convenient to strip off the package specifier "utf8::". To to so, the code simply pretends "lookup_name" begins just after the "utf8::", and adjusts various other values to compensate. However, it missed the adjustment of one required one.
This is only a problem when the property name begins with "perl" and isn't "perlspace" nor "perlword". All such ones are undocumented internal properties.
What happens in this case is that the input is reparsed with slightly different rules in effect as to what is legal versus illegal. The problem is that "lookup_name" no longer is pointing to its initial value, but "name" is. Thus the space allocated for filling "lookup_name" is now shorter than "name", and as this shortened "lookup_name" is filled by copying suitable portions of "name", the write can be to unallocated space.
The solution is to skip the "utf8::" when reparsing "name". Then both "lookup_name" and "name" are effectively shortened by the same amount, and there is no going off the end.
This commit also does white-space adjustment so that things align vertically for readability.
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.33 |
|
15-Feb-2023 |
afresh1 |
Apply local patches - perl-5.36.0
OK bluhm@ a good time naddy@
|
#
1.32 |
|
15-Feb-2023 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.36.0 dist
OK bluhm@ a good time naddy@
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.31 |
|
01-Mar-2021 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.32.1 dist
OK sthen@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.30 |
|
01-Jun-2020 |
afresh1 |
Fix various overflows and state corruption in perl
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup), Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses: * CVE-2020-10543 * CVE-2020-10878 * CVE-2020-12723
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
branches: 1.29.4; Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
branches: 1.27.4; Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.33 |
|
15-Feb-2023 |
afresh1 |
Apply local patches - perl-5.36.0
OK bluhm@ a good time naddy@
|
#
1.32 |
|
15-Feb-2023 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.36.0 dist
OK bluhm@ a good time naddy@
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.31 |
|
01-Mar-2021 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.32.1 dist
OK sthen@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.30 |
|
01-Jun-2020 |
afresh1 |
Fix various overflows and state corruption in perl
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup), Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses: * CVE-2020-10543 * CVE-2020-10878 * CVE-2020-12723
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
branches: 1.29.4; Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
branches: 1.27.4; Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.31 |
|
01-Mar-2021 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.32.1 dist
OK sthen@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.30 |
|
01-Jun-2020 |
afresh1 |
Fix various overflows and state corruption in perl
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup), Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses: * CVE-2020-10543 * CVE-2020-10878 * CVE-2020-12723
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
branches: 1.29.4; Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
branches: 1.27.4; Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.30 |
|
01-Jun-2020 |
afresh1 |
Fix various overflows and state corruption in perl
Found by: ManhND of The Tarantula Team, VinCSS (a member of Vingroup), Hugo van der Sanden, Slaven Rezic, and Sergey Aleynikov Fixed by: John Lightsey, Hugo van der Sanden, and Karl Williamson
Addresses: * CVE-2020-10543 * CVE-2020-10878 * CVE-2020-12723
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
branches: 1.29.4; Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
branches: 1.27.4; Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.29 |
|
09-Apr-2020 |
afresh1 |
Update perl to 5.30.2
https://metacpan.org/pod/release/SHAY/perl-5.30.2/pod/perldelta.pod
Incompatible Changes There are no changes intentionally incompatible with 5.30.0.
Updated Modules and Pragmata * Compress::Raw::Bzip2 has been upgraded from version 2.084 to 2.089. * Module::CoreList has been upgraded from version 5.20191110 to 5.20200314.
Selected Bug Fixes * printf() or sprintf() with the %n format no longer cause a panic on debugging builds, or report an incorrectly cached length value when producing SVfUTF8 flagged strings. * A memory leak in regular expression patterns has been fixed. * A read beyond buffer in grok_infnan has been fixed. * An assertion failure in the regular expression engine has been fixed. * (?{...}) eval groups in regular expressions no longer unintentionally trigger "EVAL without pos change exceeded limit in regex".
Proceed when you feel comfortable. deraadt@
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.28 |
|
30-Dec-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.30.1 dist
Timing is good deraadt@, OK sthen@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.27 |
|
13-Feb-2019 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.28.1 dist
looking good sthen@, Great! bluhm@
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.26 |
|
29-Nov-2018 |
afresh1 |
Fix various overflows in perl
Addresses: * CVE-2018-18311 (Perl RT #133204) * CVE-2018-18312 (Perl RT #133423) * CVE-2018-18313 (Perl RT #133192) * CVE-2018-18314 (Perl RT #131649)
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
branches: 1.25.2; Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.25 |
|
14-Apr-2018 |
afresh1 |
Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
branches: 1.24.2; Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
branches: 1.23.4; A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|
#
1.24 |
|
29-Oct-2017 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.24.3 dist
ok bluhm@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.23 |
|
22-Sep-2017 |
afresh1 |
A buffer over-read and heap overflow in perl's regexp may result in a crash or memory leak.
Fixes * CVE-2017-12883 (Buffer over-read) * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp)
Patches by Karl Williamson
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.22 |
|
05-Feb-2017 |
afresh1 |
branches: 1.22.4; Fix merge issues, remove excess files - match perl-5.24.1 dist
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.21 |
|
03-Jul-2016 |
afresh1 |
branches: 1.21.4; Update to perl 5.20.3
OK bluhm@
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.20 |
|
25-Apr-2015 |
afresh1 |
Fix merge issues, remove excess files - match perl-5.20.2 dist
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.19 |
|
17-Nov-2014 |
afresh1 |
Fix merge conflicts, remove extra files, match upstream perl-5.20.1
ok deraadt@ sthen@ espie@ miod@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.18 |
|
24-Mar-2014 |
afresh1 |
Merge perl-5.18.2 plus local patches, remove old files
OK espie@ sthen@ deraadt@
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.17 |
|
25-Mar-2013 |
sthen |
merge/resolve conflicts (some more to do after this one)
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.16 |
|
24-Sep-2010 |
millert |
merge in perl 5.12.2 plus local changes
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.15 |
|
03-Nov-2009 |
jasper |
- apply fix from upstream git for CVE-2009-3626, which could cause perl to crash on certain invalid UTF-8 codes.
ok millert@ sthen@
|
#
1.14 |
|
12-Oct-2009 |
millert |
Merge in perl 5.10.1
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.13 |
|
29-Sep-2008 |
millert |
fix conflicts and merge in local changes to perl 5.10.0
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.12 |
|
07-Nov-2007 |
millert |
Fix potential heap overflow given a specially crafted regexp. From Tavis Ormandy; adapted from fixes in the perl 5.9.x codebase.
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.11 |
|
28-Mar-2006 |
millert |
merge in perl 5.8.8
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.10 |
|
15-Jan-2005 |
millert |
sync in-tree perl with 5.8.6
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.9 |
|
09-Aug-2004 |
millert |
merge 5.8.5 into HEAD remove now-unused files crank libperl shared library major number update Makefile.bsd-wrapper tweak openbsd hints file for arm and m68k
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.8 |
|
03-Dec-2003 |
millert |
Resolve conflicts for perl 5.8.2, remove old files, and add OpenBSD-specific scaffolding
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.7 |
|
06-Jan-2003 |
miod |
syncronous -> synchronous
|
#
1.6 |
|
27-Oct-2002 |
millert |
Resolve conflicts, remove old files, merge local changes
|
Revision tags: OPENBSD_3_0_BASE OPENBSD_3_1_BASE OPENBSD_3_2_BASE
|
#
1.5 |
|
24-May-2001 |
millert |
merge in perl 5.6.1 with our local changes
|
Revision tags: OPENBSD_2_7_BASE OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.4 |
|
06-Apr-2000 |
millert |
perl-5.6.0 + local changes
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.3 |
|
29-Apr-1999 |
millert |
perl5.005_03 (stock)
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.2 |
|
30-Nov-1997 |
millert |
perl 5.004_04
|
#
1.1 |
|
19-Aug-1996 |
downsj |
branches: 1.1.1; Initial revision
|