-
perl (5.34.0-5ubuntu1.2) kinetic-security; urgency=medium
* SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module
- debian/patches/CVE-2023-31484.patch: add verify_SSL=>1 to HTTP::Tiny to
verify https server identity.
- CVE-2023-31484
-- Camila Camargo de Matos <email address hidden> Tue, 23 May 2023 14:18:57 -0300
-
perl (5.34.0-5ubuntu1.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Oct 2022 09:36:22 -0300
-
perl (5.34.0-5ubuntu1) kinetic; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
perl (5.34.0-5) unstable; urgency=medium
* Add Provides/Breaks/Replaces for libtext-balanced-perl.
(Closes: #1014282)
* Fix the Perl debugger 'view code' command. (Closes: #1010866)
perl (5.34.0-4) unstable; urgency=medium
* Refresh cross build support files for all architectures.
* Fix massively parallel builds by first making 'depend'.
(Closes: #996953)
* Backport upstream patch to perl.h fixing build warnings on clang.
(Closes: #1009149)
-- Matthias Klose <email address hidden> Thu, 07 Jul 2022 15:02:05 +0200
-
perl (5.34.0-3ubuntu1) jammy; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
perl (5.34.0-3) unstable; urgency=medium
* Add 5.34.0 to debian/released-versions.
* Upload to unstable.
perl (5.34.0-2) experimental; urgency=medium
* Apply upstream patch fixing issues with gdbm 1.20. (Closes: #993514)
perl (5.34.0-1) experimental; urgency=medium
* Update to new upstream version 5.34.0.
* Add a build time sanity check to make sure we filter away generated
files from the regen-configure tarball. (Closes: #992200)
* Fix usrmerge related reproducibility issues. Thanks to Vagrant
Cascadian. (Closes: #914128)
* Update cross build support files.
* Skip io/msg.t on x32 due to broken System V message queues.
(See #988900)
* [SECURITY] CVE-2021-36770: Encode loading code from working directory
perl (5.34.0~rc2-1) experimental; urgency=medium
* Update to upstream release candidate 5.34.0-RC2.
+ File::Temp file creation permissions are documented now.
(Closes: #987995)
perl (5.32.1-6ubuntu1) jammy; urgency=medium
* Merge with Debian; remaining changes:
- Disable two porting/libperl.t tests, only run on x86*, and only
testing the static libperl.a.
- Disable the same porting/libperl.t tests on x86*, as on the other
Linux architectures.
perl (5.32.1-4) unstable; urgency=medium
* Add perl Breaks: perl-modules-5.22 and early versions of
perl-modules-5.26. They had the same issue as perl-modules-5.24,
which perl already Breaks since 5.32.0-6. (Closes: #976704)
-- Matthias Klose <email address hidden> Sun, 06 Feb 2022 12:02:58 +0100