perl584delta(category14-security-amp-firewalls.html) - phpMan

PERL584DELTA(1)        Perl Programmers Reference Guide        PERL584DELTA(1)
NAME
       perl584delta - what is new for perl v5.8.4
DESCRIPTION
       This document describes differences between the 5.8.3 release and the
       5.8.4 release.
Incompatible Changes
       Many minor bugs have been fixed. Scripts which happen to rely on
       previously erroneous behaviour will consider these fixes as
       incompatible changes :-) You are advised to perform sufficient
       acceptance testing on this release to satisfy yourself that this does
       not affect you, before putting this release into production.
       The diagnostic output of Carp has been changed slightly, to add a space
       after the comma between arguments. This makes it much easier for tools
       such as web browsers to wrap it, but might confuse any automatic tools
       which perform detailed parsing of Carp output.
       The internal dump output has been improved, so that non-printable
       characters such as newline and backspace are output in "\x" notation,
       rather than octal. This might just confuse non-robust tools which parse
       the output of modules such as Devel::Peek.
Core Enhancements
   Malloc wrapping
       Perl can now be built to detect attempts to assign pathologically large
       chunks of memory.  Previously such assignments would suffer from
       integer wrap-around during size calculations causing a misallocation,
       which would crash perl, and could theoretically be used for "stack
       smashing" attacks.  The wrapping defaults to enabled on platforms where
       we know it works (most AIX configurations, BSDi, Darwin, DEC OSF/1,
       FreeBSD, HP/UX, GNU Linux, OpenBSD, Solaris, VMS and most Win32
       compilers) and defaults to disabled on other platforms.
   Unicode Character Database 4.0.1
       The copy of the Unicode Character Database included in Perl 5.8 has
       been updated to 4.0.1 from 4.0.0.
   suidperl less insecure
       Paul Szabo has analysed and patched "suidperl" to remove existing known
       insecurities. Currently there are no known holes in "suidperl", but
       previous experience shows that we cannot be confident that these were
       the last. You may no longer invoke the set uid perl directly, so to
       preserve backwards compatibility with scripts that invoke
       #!/usr/bin/suidperl the only set uid binary is now "sperl5.8."n
       ("sperl5.8.4" for this release). "suidperl" is installed as a hard link
       to "perl"; both "suidperl" and "perl" will invoke "sperl5.8.4"
       automatically the set uid binary, so this change should be completely
       transparent.
       For new projects the core perl team would strongly recommend that you
       use dedicated, single purpose security tools such as "sudo" in
       preference to "suidperl".
   format
       In addition to bug fixes, "format"'s features have been enhanced. See
       perlform
Modules and Pragmata
       The (mis)use of "/tmp" in core modules and documentation has been
       tidied up.  Some modules available both within the perl core and
       independently from CPAN ("dual-life modules") have not yet had these
       changes applied; the changes will be integrated into future stable perl
       releases as the modules are updated on CPAN.
   Updated modules
       Attribute::Handlers
       B
       Benchmark
       CGI
       Carp
       Cwd
       Exporter
       File::Find
       IO
       IPC::Open3
       Local::Maketext
       Math::BigFloat
       Math::BigInt
       Math::BigRat
       MIME::Base64
       ODBM_File
       POSIX
       Shell
       Socket
           There is experimental support for Linux abstract Unix domain
           sockets.
       Storable
       Switch
           Synced with its CPAN version 2.10
       Sys::Syslog
           "syslog()" can now use numeric constants for facility names and
           priorities, in addition to strings.
       Term::ANSIColor
       Time::HiRes
       Unicode::UCD
       Win32
           Win32.pm/Win32.xs has moved from the libwin32 module to core Perl
       base
       open
       threads
           Detached threads are now also supported on Windows.
       utf8
Performance Enhancements
       o   Accelerated Unicode case mappings ("/i", "lc", "uc", etc).
       o   In place sort optimised (eg "@a = sort @a")
       o   Unnecessary assignment optimised away in
             my $s = undef;
             my @a = ();
             my %h = ();
       o   Optimised "map" in scalar context
Utility Changes
       The Perl debugger (lib/perl5db.pl) can now save all debugger commands
       for sourcing later, and can display the parent inheritance tree of a
       given class.
Installation and Configuration Improvements
       The build process on both VMS and Windows has had several minor
       improvements made. On Windows Borland's C compiler can now compile perl
       with PerlIO and/or USE_LARGE_FILES enabled.
       "perl.exe" on Windows now has a "Camel" logo icon. The use of a camel
       with the topic of Perl is a trademark of O'Reilly and Associates Inc.,
       and is used with their permission (ie distribution of the source,
       compiling a Windows executable from it, and using that executable
       locally). Use of the supplied camel for anything other than a perl
       executable's icon is specifically not covered, and anyone wishing to
       redistribute perl binaries with the icon should check directly with
       O'Reilly beforehand.
       Perl should build cleanly on Stratus VOS once more.
Selected Bug Fixes
       More utf8 bugs fixed, notably in how "chomp", "chop", "send", and
       "syswrite" and interact with utf8 data. Concatenation now works
       correctly when "use bytes;" is in scope.
       Pragmata are now correctly propagated into (?{...}) constructions in
       regexps.  Code such as
          my $x = qr{ ... (??{ $x }) ... };
       will now (correctly) fail under use strict. (As the inner $x is and has
       always referred to $::x)
       The "const in void context" warning has been suppressed for a constant
       in an optimised-away boolean expression such as "5 || print;"
       "perl -i" could "fchmod(stdin)" by mistake. This is serious if stdin is
       attached to a terminal, and perl is running as root. Now fixed.
New or Changed Diagnostics
       "Carp" and the internal diagnostic routines used by "Devel::Peek" have
       been made clearer, as described in "Incompatible Changes"
Changed Internals
       Some bugs have been fixed in the hash internals. Restricted hashes and
       their place holders are now allocated and deleted at slightly different
       times, but this should not be visible to user code.
Future Directions
       Code freeze for the next maintenance release (5.8.5) will be on 30th
       June 2004, with release by mid July.
Platform Specific Problems
       This release is known not to build on Windows 95.
Reporting Bugs
       If you find what you think is a bug, you might check the articles
       recently posted to the comp.lang.perl.misc newsgroup and the perl bug
       database at http://bugs.perl.org.  There may also be information at
       http://www.perl.org, the Perl Home Page.
       If you believe you have an unreported bug, please run the perlbug
       program included with your release.  Be sure to trim your bug down to a
       tiny but sufficient test case.  Your bug report, along with the output
       of "perl -V", will be sent off to perlbug AT perl.org to be analysed by
       the Perl porting team.  You can browse and search the Perl 5 bugs at
       http://bugs.perl.org/
SEE ALSO
       The Changes file for exhaustive details on what changed.
       The INSTALL file for how to build Perl.
       The README file for general stuff.
       The Artistic and Copying files for copyright information.
perl v5.26.3                      2018-03-01                   PERL584DELTA(1)