Accepting request 841517 from home:tinita:branches:devel:languages:perl
- updated to 3.15
see /usr/share/doc/packages/perl-Storable/ChangeLog
2019-04-23 16:00:00 xsawyerx
version 3.15
* Fix leaking.
unreleased
version 3.14
* (perl #133708) don't build-time probe for stack limits at all
unreleased
version 3.12
* (perl #133411) don't probe for stack limits with -Dusecrosscompile
2018-04-27 20:40:00 xsawyerx
version 3.11
* Fix Strawberry Perl build failures.
2018-04-21 22:00:00 xsawyerx
Version 3.10
* Fix binary artifacts from distribution.
2018-04-21 16:49:00 xsawyerx
Version 3.09
* Fix "provides" in metadata (META.yml/META.json) to use the Storable
template instead of a small other file (which also didn't exist).
2018-04-21 11:23:00 xsawyerx
Version 3.08
* (perl #132849) try to disable core files when deliberatly segfaulting.
* (perl #127743) don't probe Storable limits so much.
* (perl #132893) don't probe for Storable recursion limits on old Win32.
* (perl #132870) workaround VC2017 compiler bug.
* (perl #127743) re-work for debugging builds with MSVC.
* (perl #133039) dont build a Storable.so/.dll with a static perl build.
2018-02-07 15:08:00 tonyc
Version 3.06
* support large object ids. The code in theory supported arrays
with more than 2**32 elements, but references to the elements
emitted at the end of the array with be retrieved as references to
the wrong elements.
* 32-bit object ids over 2**31-1 weren't correctly handled.
* hook object id generation now supports 64-bit ids where needed
* writing 64-bit lengths in network order now works
* reading 64-bit lengths in network order now reads the components
in the correct order.
* retrieving large object tags are now only handled on 64-bit
platforms, large object tags should only be emitted for objects
that are too large for the 32-bit address space, so it was only
wasted code.
* reading 32-bit lengths for LSCALAR and LUTF8STR as unsigned
(perl #131990)
* reading flagged large object hashes didn't read the flags
* treat the 32-bit size of hook data as unsigned, values over 2GB
were treated as large (close to 2**64) parameters to NEWSV().
(perl #131999)
* added support for hook data over 4GB in size
* zero length data receievd from STORABLE_freeze() no longer
results in an invalid SV being passed to STORABLE_thaw/_attach()
(perl #118551)
* where practical, padding is now cleared when emitting a long
double (perl #131136)
* cache the value of $Storable::DEBUGME (since cperl enabled
Storable TRACEME builds for all -DDEBUGGING builds)
* no longer discard exceptions thrown by
STORABLE_freeze/_thaw/attach() (perl #25933)
* fix dependencies used to build Storable.pm from __Storable__.pm
* add experimental support for freezing/thawing regular
expressions (perl #50608)
* re-work recursion limiting to store the limit in a perl variable
instead of baked into Storable.$so. This allows static Storable
builds to work, and avoids the kind of circular reference on
Storable.$so.
2017-07-24 13:57:13 rurban
Version 3.05_13
* mingw fix: use safe defaults, not segfaulting defaults.
mingw fails on the stacksize binary search, leaving it empty.
Version 3.05_12
* enhance stack reserve from 8 to 16
* fix LD_LIBRARY_PATH usage for CORE
* fixed some coverity warnings and leaks
* added a release make target
Version 3.05_11
* croak on sizes read > I32_MAX
* simplify last_op_in_netorder
* protect from empty retrieve_vstring
* protect store_other error buf, potential static
buffer overflow.
Version 3.05_10
* CORE-only improvements to stacksize
Version 3.05_09
* compute the stacksizes, improve cleanup within croak
from stack exhaustion.
* added stack_depth and stack_depth_hash getters.
Version 3.05_08
* finetune the max stack limit, for C++, DEBUGGING and 32bit.
* fix t/blessed.t for cperl5.22
Version 3.05_07
* Fixed a podchecker issue
Version 3.05_06
* Fixed wrong recursion depth error with large arrays containing
another array.
L<[cperl #257]|https://github.com/perl11/cperl/issues/257>
Version 3.05_05
* Add leak tests for [cpan #97316], [perl #121928]
* Limit the max recursion depth to 1200 on 32bit systems.
We have no max_depth option yet, as in JSON::XS.
Version 3.05_04
* Fix retrieve_tied_array which fails since 5.16
[cpan #84705]
* Improve t/blessed.t in the creation of sv_yes/sv_no
with threaded perls.
Version 3.05_03
* Tune t/recurse.t stack-overflow limit more.
Version 3.05_02
* Tune t/recurse.t stack-overflow limit. Small 64bit systems overflow
even with depth 3000, where 32bit are ok.
Version 3.05_01
* Protect against stack overflows with nested arrays and hashes
[cpan #97526]. This imposes a new limit to your nested structures,
but JSON::XS has a limit of 512. We use a max_depth of 3000 for the
typical stack limit of 8k.
Version 3.05
* Protect against classname len overflow on the stack
and 2x on the heap with retrieve_bless and retrieve_hook.
A serious security issue with malcrafted storable files or buffers,
but p5p accepts no CVE on Storable attacks. See RT #130635
(reported by JD).
* Fix NULL ptr SEGVs with retrieve_code and retrieve_other.
See RT #130098 (reported and fixed by JD)
* Fix wrong huge LOBJECT support, broken since 3.00c.
Repro with `export PERL_TEST_MEMORY=8`
* Fix the few remaining 2-arg open calls.
* Portability and backport fixes back to 5.6.2
Version 3.04c
* fix printf types and warnings, esp. for 32bit use64bitint
* Change sv_setpvn(…, "…", …) to sv_setpvs(…, "…")
Version 3.03c
* remove . from @INC when loading optional modules
Version 3.02c
* Fix -Wc++11-compat warnings, fix -Wchar-subscripts
Version 3.01c
* Added warn_security("Movable-Type CVE-2015-1592 Storable metasploit attack")
when detecting the third destructive metasploit vector,
thawing bless \"mt-config.cgi", "CGITempFile".
Version 3.00c
* Added support for u64 strings, arrays and hashes >2G
via a new LOBJECT tag. This is for 32bit systems and lengths
between 2GB and 4GB (I32-U32), and 64bit (>I32).
* Bumped STORABLE_BIN_MINOR and STORABLE_BIN_WRITE_MINOR from 10 to 11
* fix parallel tests, use unique filenames.
* fixed 2 instances of 2arg open,
* added optional flag arguments to skip tie and bless on retrieve/thaw,
* added SECURITY WARNING and Large data support to docs
* compute CAN_FLOCK at compile-time
* reformat everything consistently
* enable DEBUGME tracing and asserts with -DDEBUGGING
* fix all 64 bit compiler warnings
* added some abstraction methods to avoid code duplication
?????? p5p <perl5-porters@perl.org>
Version 2.65
* Replace multiple 'use vars' by 'our'
* remove Config dependency
Version 2.51
* [perl #121928] Fix memory leak for dclone inside freeze hook
(Alex Solovey)
* Do not call DESTROY for empty objects
(Vladimir Timofeev)
* Other bugfixes
OBS-URL: https://build.opensuse.org/request/show/841517
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Storable?expand=0&rev=4
2020-10-13 11:46:03 +00:00
|
|
|
-------------------------------------------------------------------
|
2021-09-06 09:05:32 +00:00
|
|
|
Tue Aug 31 03:06:22 UTC 2021 - Tina Müller <timueller+perl@suse.de>
|
|
|
|
|
|
|
|
|
|
- updated to 3.25
|
|
|
|
|
see /usr/share/doc/packages/perl-Storable/ChangeLog
|
|
|
|
|
|
|
|
|
|
2021-08-30 07:46:52 nwclark
|
|
|
|
|
version 3.25
|
|
|
|
|
* No changes from previous version
|
|
|
|
|
2021-08-25 08:05:16 nwclark
|
|
|
|
|
version 3.24_50
|
|
|
|
|
* Remove code and tests only present to support perls before 5.6.1
|
|
|
|
|
Storable implicitly needs >= v5.6.1.
|
|
|
|
|
* Use SvPVCLEAR from ppport.h
|
|
|
|
|
* Remove XS code "commented" out with #if 0
|
|
|
|
|
* Refactor store_lhash() to remove some code duplication
|
|
|
|
|
* Avoid calling hv_iterval() twice for each hash entry
|
|
|
|
|
* Fix a bug in the recursion depth check in store_lhash()
|
|
|
|
|
unreleased
|
|
|
|
|
version 3.24
|
|
|
|
|
* Fix a (possible) typo in Sntohl
|
|
|
|
|
unreleased
|
|
|
|
|
version 3.23
|
|
|
|
|
* Fix typos
|
|
|
|
|
* avoid stderr noise in t/canonical.t
|
|
|
|
|
2020-07-31 19:36:37 atoomic
|
|
|
|
|
version 3.22
|
|
|
|
|
* use PERL_COMPARE macros
|
|
|
|
|
2020-04-23 13:33:05 ilmari
|
|
|
|
|
version 3.21
|
|
|
|
|
* fix repeated-word typos
|
|
|
|
|
* fix t/huge.t PERL_TEST_MEMORY diagnostic messages
|
|
|
|
|
2020-01-27 10:27:00 TonyC
|
|
|
|
|
version 3.20
|
|
|
|
|
* fix a format string and arguments for some debugging text
|
|
|
|
|
* linkify references to alternatives to Storable
|
|
|
|
|
2020-01-27 11:01:00 TonyC
|
|
|
|
|
version 3.19
|
|
|
|
|
* add casts to match some I32 parameters to "%d" formats (#17339)
|
|
|
|
|
* fix dependencies in Makefile.PL -> META (#17422)
|
|
|
|
|
* make use of note() optional, this requires a newer version of
|
|
|
|
|
Test::More and there's a circular dependency between later
|
|
|
|
|
versions of Test::More and Storable (#17422)
|
|
|
|
|
2019-11-19 07:59:39 TonyC
|
|
|
|
|
version 3.18
|
|
|
|
|
* update bug tracker to point at github (#17298)
|
|
|
|
|
* disallow vstring magic strings over 2GB-1 (#17306)
|
|
|
|
|
* mark some ASCII dependent tests as ASCII platform only
|
|
|
|
|
2019-08-08 11:48:00 TonyC
|
|
|
|
|
version 3.17
|
|
|
|
|
* correct a data type to ensure the check for too large results from
|
|
|
|
|
STORABLE_freeze() are detected correctly (detected by Coverity)
|
|
|
|
|
* removed remains of stack size detection from the build process.
|
|
|
|
|
* moved CAN_FLOCK detection into XS to simplify the build process.
|
|
|
|
|
2019-06-11 10:43:00 TonyC
|
|
|
|
|
version 3.16
|
|
|
|
|
* (perl #134179) fix self-referencing structures that include regexps
|
|
|
|
|
* bless regexps to preserve bless qr//, "Foo"
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
Accepting request 841517 from home:tinita:branches:devel:languages:perl
- updated to 3.15
see /usr/share/doc/packages/perl-Storable/ChangeLog
2019-04-23 16:00:00 xsawyerx
version 3.15
* Fix leaking.
unreleased
version 3.14
* (perl #133708) don't build-time probe for stack limits at all
unreleased
version 3.12
* (perl #133411) don't probe for stack limits with -Dusecrosscompile
2018-04-27 20:40:00 xsawyerx
version 3.11
* Fix Strawberry Perl build failures.
2018-04-21 22:00:00 xsawyerx
Version 3.10
* Fix binary artifacts from distribution.
2018-04-21 16:49:00 xsawyerx
Version 3.09
* Fix "provides" in metadata (META.yml/META.json) to use the Storable
template instead of a small other file (which also didn't exist).
2018-04-21 11:23:00 xsawyerx
Version 3.08
* (perl #132849) try to disable core files when deliberatly segfaulting.
* (perl #127743) don't probe Storable limits so much.
* (perl #132893) don't probe for Storable recursion limits on old Win32.
* (perl #132870) workaround VC2017 compiler bug.
* (perl #127743) re-work for debugging builds with MSVC.
* (perl #133039) dont build a Storable.so/.dll with a static perl build.
2018-02-07 15:08:00 tonyc
Version 3.06
* support large object ids. The code in theory supported arrays
with more than 2**32 elements, but references to the elements
emitted at the end of the array with be retrieved as references to
the wrong elements.
* 32-bit object ids over 2**31-1 weren't correctly handled.
* hook object id generation now supports 64-bit ids where needed
* writing 64-bit lengths in network order now works
* reading 64-bit lengths in network order now reads the components
in the correct order.
* retrieving large object tags are now only handled on 64-bit
platforms, large object tags should only be emitted for objects
that are too large for the 32-bit address space, so it was only
wasted code.
* reading 32-bit lengths for LSCALAR and LUTF8STR as unsigned
(perl #131990)
* reading flagged large object hashes didn't read the flags
* treat the 32-bit size of hook data as unsigned, values over 2GB
were treated as large (close to 2**64) parameters to NEWSV().
(perl #131999)
* added support for hook data over 4GB in size
* zero length data receievd from STORABLE_freeze() no longer
results in an invalid SV being passed to STORABLE_thaw/_attach()
(perl #118551)
* where practical, padding is now cleared when emitting a long
double (perl #131136)
* cache the value of $Storable::DEBUGME (since cperl enabled
Storable TRACEME builds for all -DDEBUGGING builds)
* no longer discard exceptions thrown by
STORABLE_freeze/_thaw/attach() (perl #25933)
* fix dependencies used to build Storable.pm from __Storable__.pm
* add experimental support for freezing/thawing regular
expressions (perl #50608)
* re-work recursion limiting to store the limit in a perl variable
instead of baked into Storable.$so. This allows static Storable
builds to work, and avoids the kind of circular reference on
Storable.$so.
2017-07-24 13:57:13 rurban
Version 3.05_13
* mingw fix: use safe defaults, not segfaulting defaults.
mingw fails on the stacksize binary search, leaving it empty.
Version 3.05_12
* enhance stack reserve from 8 to 16
* fix LD_LIBRARY_PATH usage for CORE
* fixed some coverity warnings and leaks
* added a release make target
Version 3.05_11
* croak on sizes read > I32_MAX
* simplify last_op_in_netorder
* protect from empty retrieve_vstring
* protect store_other error buf, potential static
buffer overflow.
Version 3.05_10
* CORE-only improvements to stacksize
Version 3.05_09
* compute the stacksizes, improve cleanup within croak
from stack exhaustion.
* added stack_depth and stack_depth_hash getters.
Version 3.05_08
* finetune the max stack limit, for C++, DEBUGGING and 32bit.
* fix t/blessed.t for cperl5.22
Version 3.05_07
* Fixed a podchecker issue
Version 3.05_06
* Fixed wrong recursion depth error with large arrays containing
another array.
L<[cperl #257]|https://github.com/perl11/cperl/issues/257>
Version 3.05_05
* Add leak tests for [cpan #97316], [perl #121928]
* Limit the max recursion depth to 1200 on 32bit systems.
We have no max_depth option yet, as in JSON::XS.
Version 3.05_04
* Fix retrieve_tied_array which fails since 5.16
[cpan #84705]
* Improve t/blessed.t in the creation of sv_yes/sv_no
with threaded perls.
Version 3.05_03
* Tune t/recurse.t stack-overflow limit more.
Version 3.05_02
* Tune t/recurse.t stack-overflow limit. Small 64bit systems overflow
even with depth 3000, where 32bit are ok.
Version 3.05_01
* Protect against stack overflows with nested arrays and hashes
[cpan #97526]. This imposes a new limit to your nested structures,
but JSON::XS has a limit of 512. We use a max_depth of 3000 for the
typical stack limit of 8k.
Version 3.05
* Protect against classname len overflow on the stack
and 2x on the heap with retrieve_bless and retrieve_hook.
A serious security issue with malcrafted storable files or buffers,
but p5p accepts no CVE on Storable attacks. See RT #130635
(reported by JD).
* Fix NULL ptr SEGVs with retrieve_code and retrieve_other.
See RT #130098 (reported and fixed by JD)
* Fix wrong huge LOBJECT support, broken since 3.00c.
Repro with `export PERL_TEST_MEMORY=8`
* Fix the few remaining 2-arg open calls.
* Portability and backport fixes back to 5.6.2
Version 3.04c
* fix printf types and warnings, esp. for 32bit use64bitint
* Change sv_setpvn(…, "…", …) to sv_setpvs(…, "…")
Version 3.03c
* remove . from @INC when loading optional modules
Version 3.02c
* Fix -Wc++11-compat warnings, fix -Wchar-subscripts
Version 3.01c
* Added warn_security("Movable-Type CVE-2015-1592 Storable metasploit attack")
when detecting the third destructive metasploit vector,
thawing bless \"mt-config.cgi", "CGITempFile".
Version 3.00c
* Added support for u64 strings, arrays and hashes >2G
via a new LOBJECT tag. This is for 32bit systems and lengths
between 2GB and 4GB (I32-U32), and 64bit (>I32).
* Bumped STORABLE_BIN_MINOR and STORABLE_BIN_WRITE_MINOR from 10 to 11
* fix parallel tests, use unique filenames.
* fixed 2 instances of 2arg open,
* added optional flag arguments to skip tie and bless on retrieve/thaw,
* added SECURITY WARNING and Large data support to docs
* compute CAN_FLOCK at compile-time
* reformat everything consistently
* enable DEBUGME tracing and asserts with -DDEBUGGING
* fix all 64 bit compiler warnings
* added some abstraction methods to avoid code duplication
?????? p5p <perl5-porters@perl.org>
Version 2.65
* Replace multiple 'use vars' by 'our'
* remove Config dependency
Version 2.51
* [perl #121928] Fix memory leak for dclone inside freeze hook
(Alex Solovey)
* Do not call DESTROY for empty objects
(Vladimir Timofeev)
* Other bugfixes
OBS-URL: https://build.opensuse.org/request/show/841517
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-Storable?expand=0&rev=4
2020-10-13 11:46:03 +00:00
|
|
|
Tue Oct 13 11:39:34 UTC 2020 - Tina Müller <tina.mueller@suse.com>
|
|
|
|
|
|
|
|
|
|
- updated to 3.15
|
|
|
|
|
see /usr/share/doc/packages/perl-Storable/ChangeLog
|
|
|
|
|
|
|
|
|
|
2019-04-23 16:00:00 xsawyerx
|
|
|
|
|
version 3.15
|
|
|
|
|
* Fix leaking.
|
|
|
|
|
unreleased
|
|
|
|
|
version 3.14
|
|
|
|
|
* (perl #133708) don't build-time probe for stack limits at all
|
|
|
|
|
unreleased
|
|
|
|
|
version 3.12
|
|
|
|
|
* (perl #133411) don't probe for stack limits with -Dusecrosscompile
|
|
|
|
|
2018-04-27 20:40:00 xsawyerx
|
|
|
|
|
version 3.11
|
|
|
|
|
* Fix Strawberry Perl build failures.
|
|
|
|
|
2018-04-21 22:00:00 xsawyerx
|
|
|
|
|
Version 3.10
|
|
|
|
|
* Fix binary artifacts from distribution.
|
|
|
|
|
2018-04-21 16:49:00 xsawyerx
|
|
|
|
|
Version 3.09
|
|
|
|
|
* Fix "provides" in metadata (META.yml/META.json) to use the Storable
|
|
|
|
|
template instead of a small other file (which also didn't exist).
|
|
|
|
|
2018-04-21 11:23:00 xsawyerx
|
|
|
|
|
Version 3.08
|
|
|
|
|
* (perl #132849) try to disable core files when deliberatly segfaulting.
|
|
|
|
|
* (perl #127743) don't probe Storable limits so much.
|
|
|
|
|
* (perl #132893) don't probe for Storable recursion limits on old Win32.
|
|
|
|
|
* (perl #132870) workaround VC2017 compiler bug.
|
|
|
|
|
* (perl #127743) re-work for debugging builds with MSVC.
|
|
|
|
|
* (perl #133039) dont build a Storable.so/.dll with a static perl build.
|
|
|
|
|
2018-02-07 15:08:00 tonyc
|
|
|
|
|
Version 3.06
|
|
|
|
|
* support large object ids. The code in theory supported arrays
|
|
|
|
|
with more than 2**32 elements, but references to the elements
|
|
|
|
|
emitted at the end of the array with be retrieved as references to
|
|
|
|
|
the wrong elements.
|
|
|
|
|
* 32-bit object ids over 2**31-1 weren't correctly handled.
|
|
|
|
|
* hook object id generation now supports 64-bit ids where needed
|
|
|
|
|
* writing 64-bit lengths in network order now works
|
|
|
|
|
* reading 64-bit lengths in network order now reads the components
|
|
|
|
|
in the correct order.
|
|
|
|
|
* retrieving large object tags are now only handled on 64-bit
|
|
|
|
|
platforms, large object tags should only be emitted for objects
|
|
|
|
|
that are too large for the 32-bit address space, so it was only
|
|
|
|
|
wasted code.
|
|
|
|
|
* reading 32-bit lengths for LSCALAR and LUTF8STR as unsigned
|
|
|
|
|
(perl #131990)
|
|
|
|
|
* reading flagged large object hashes didn't read the flags
|
|
|
|
|
* treat the 32-bit size of hook data as unsigned, values over 2GB
|
|
|
|
|
were treated as large (close to 2**64) parameters to NEWSV().
|
|
|
|
|
(perl #131999)
|
|
|
|
|
* added support for hook data over 4GB in size
|
|
|
|
|
* zero length data receievd from STORABLE_freeze() no longer
|
|
|
|
|
results in an invalid SV being passed to STORABLE_thaw/_attach()
|
|
|
|
|
(perl #118551)
|
|
|
|
|
* where practical, padding is now cleared when emitting a long
|
|
|
|
|
double (perl #131136)
|
|
|
|
|
* cache the value of $Storable::DEBUGME (since cperl enabled
|
|
|
|
|
Storable TRACEME builds for all -DDEBUGGING builds)
|
|
|
|
|
* no longer discard exceptions thrown by
|
|
|
|
|
STORABLE_freeze/_thaw/attach() (perl #25933)
|
|
|
|
|
* fix dependencies used to build Storable.pm from __Storable__.pm
|
|
|
|
|
* add experimental support for freezing/thawing regular
|
|
|
|
|
expressions (perl #50608)
|
|
|
|
|
* re-work recursion limiting to store the limit in a perl variable
|
|
|
|
|
instead of baked into Storable.$so. This allows static Storable
|
|
|
|
|
builds to work, and avoids the kind of circular reference on
|
|
|
|
|
Storable.$so.
|
|
|
|
|
2017-07-24 13:57:13 rurban
|
|
|
|
|
Version 3.05_13
|
|
|
|
|
* mingw fix: use safe defaults, not segfaulting defaults.
|
|
|
|
|
mingw fails on the stacksize binary search, leaving it empty.
|
|
|
|
|
Wed Apr 19 09:11:07 2017 +0200 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_12
|
|
|
|
|
* enhance stack reserve from 8 to 16
|
|
|
|
|
* fix LD_LIBRARY_PATH usage for CORE
|
|
|
|
|
* fixed some coverity warnings and leaks
|
|
|
|
|
* added a release make target
|
|
|
|
|
Wed Mar 29 21:04:28 2017 +0200 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_11
|
|
|
|
|
* croak on sizes read > I32_MAX
|
|
|
|
|
* simplify last_op_in_netorder
|
|
|
|
|
* protect from empty retrieve_vstring
|
|
|
|
|
* protect store_other error buf, potential static
|
|
|
|
|
buffer overflow.
|
|
|
|
|
Tue Mar 14 09:52:20 2017 +0100 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_10
|
|
|
|
|
* CORE-only improvements to stacksize
|
|
|
|
|
Thu Mar 9 19:20:19 2017 +0100 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_09
|
|
|
|
|
* compute the stacksizes, improve cleanup within croak
|
|
|
|
|
from stack exhaustion.
|
|
|
|
|
* added stack_depth and stack_depth_hash getters.
|
|
|
|
|
Wed Mar 8 21:03:43 CET 2017 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_08
|
|
|
|
|
* finetune the max stack limit, for C++, DEBUGGING and 32bit.
|
|
|
|
|
* fix t/blessed.t for cperl5.22
|
|
|
|
|
Sun Mar 5 13:36:47 2017 +0100 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_07
|
|
|
|
|
* Fixed a podchecker issue
|
|
|
|
|
Sun Mar 5 11:42:04 2017 +0100 Reini Urban <rurban@cpan.org>
|
|
|
|
|
Version 3.05_06
|
|
|
|
|
* Fixed wrong recursion depth error with large arrays containing
|
|
|
|
|
another array.
|
|
|
|
|
L<[cperl #257]|https://github.com/perl11/cperl/issues/257>
|
|
|
|
|
Thu Feb 2 12:40:44 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05_05
|
|
|
|
|
* Add leak tests for [cpan #97316], [perl #121928]
|
|
|
|
|
* Limit the max recursion depth to 1200 on 32bit systems.
|
|
|
|
|
We have no max_depth option yet, as in JSON::XS.
|
|
|
|
|
Thu Feb 2 11:59:21 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05_04
|
|
|
|
|
* Fix retrieve_tied_array which fails since 5.16
|
|
|
|
|
[cpan #84705]
|
|
|
|
|
* Improve t/blessed.t in the creation of sv_yes/sv_no
|
|
|
|
|
with threaded perls.
|
|
|
|
|
Tue Jan 31 02:55:30 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05_03
|
|
|
|
|
* Tune t/recurse.t stack-overflow limit more.
|
|
|
|
|
Mon Jan 30 19:50:29 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05_02
|
|
|
|
|
* Tune t/recurse.t stack-overflow limit. Small 64bit systems overflow
|
|
|
|
|
even with depth 3000, where 32bit are ok.
|
|
|
|
|
Mon Jan 30 15:13:38 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05_01
|
|
|
|
|
* Protect against stack overflows with nested arrays and hashes
|
|
|
|
|
[cpan #97526]. This imposes a new limit to your nested structures,
|
|
|
|
|
but JSON::XS has a limit of 512. We use a max_depth of 3000 for the
|
|
|
|
|
typical stack limit of 8k.
|
|
|
|
|
Sun Jan 29 11:36:43 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.05
|
|
|
|
|
* Protect against classname len overflow on the stack
|
|
|
|
|
and 2x on the heap with retrieve_bless and retrieve_hook.
|
|
|
|
|
A serious security issue with malcrafted storable files or buffers,
|
|
|
|
|
but p5p accepts no CVE on Storable attacks. See RT #130635
|
|
|
|
|
(reported by JD).
|
|
|
|
|
* Fix NULL ptr SEGVs with retrieve_code and retrieve_other.
|
|
|
|
|
See RT #130098 (reported and fixed by JD)
|
|
|
|
|
* Fix wrong huge LOBJECT support, broken since 3.00c.
|
|
|
|
|
Repro with `export PERL_TEST_MEMORY=8`
|
|
|
|
|
* Fix the few remaining 2-arg open calls.
|
|
|
|
|
* Portability and backport fixes back to 5.6.2
|
|
|
|
|
Sat Jan 7 09:01:29 2017 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.04c
|
|
|
|
|
* fix printf types and warnings, esp. for 32bit use64bitint
|
|
|
|
|
* Change sv_setpvn(…, "…", …) to sv_setpvs(…, "…")
|
|
|
|
|
Tue Jul 26 11:49:33 2016 +1000 Tony Cook <tony@develop-help.com>
|
|
|
|
|
Version 3.03c
|
|
|
|
|
* remove . from @INC when loading optional modules
|
|
|
|
|
Sun Nov 20 18:06:45 2016 +0100 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.02c
|
|
|
|
|
* Fix -Wc++11-compat warnings, fix -Wchar-subscripts
|
|
|
|
|
Fri Sep 16 01:32:59 2016 +0200 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.01c
|
|
|
|
|
* Added warn_security("Movable-Type CVE-2015-1592 Storable metasploit attack")
|
|
|
|
|
when detecting the third destructive metasploit vector,
|
|
|
|
|
thawing bless \"mt-config.cgi", "CGITempFile".
|
|
|
|
|
Thu Mar 31 17:10:27 2016 +0200 Reini Urban <rurban@cpanel.net>
|
|
|
|
|
Version 3.00c
|
|
|
|
|
* Added support for u64 strings, arrays and hashes >2G
|
|
|
|
|
via a new LOBJECT tag. This is for 32bit systems and lengths
|
|
|
|
|
between 2GB and 4GB (I32-U32), and 64bit (>I32).
|
|
|
|
|
* Bumped STORABLE_BIN_MINOR and STORABLE_BIN_WRITE_MINOR from 10 to 11
|
|
|
|
|
* fix parallel tests, use unique filenames.
|
|
|
|
|
* fixed 2 instances of 2arg open,
|
|
|
|
|
* added optional flag arguments to skip tie and bless on retrieve/thaw,
|
|
|
|
|
* added SECURITY WARNING and Large data support to docs
|
|
|
|
|
* compute CAN_FLOCK at compile-time
|
|
|
|
|
* reformat everything consistently
|
|
|
|
|
* enable DEBUGME tracing and asserts with -DDEBUGGING
|
|
|
|
|
* fix all 64 bit compiler warnings
|
|
|
|
|
* added some abstraction methods to avoid code duplication
|
|
|
|
|
?????? p5p <perl5-porters@perl.org>
|
|
|
|
|
Version 2.65
|
|
|
|
|
* Replace multiple 'use vars' by 'our'
|
|
|
|
|
* remove Config dependency
|
|
|
|
|
Wed Jul 2 16:25:25 IST 2014 Abhijit Menon-Sen <ams@toroid.org>
|
|
|
|
|
Version 2.51
|
|
|
|
|
* [perl #121928] Fix memory leak for dclone inside freeze hook
|
|
|
|
|
(Alex Solovey)
|
|
|
|
|
* Do not call DESTROY for empty objects
|
|
|
|
|
(Vladimir Timofeev)
|
|
|
|
|
* Other bugfixes
|
|
|
|
|
|
2013-12-01 06:18:21 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Nov 30 18:25:23 UTC 2013 - vjt@openssl.it
|
|
|
|
|
|
|
|
|
|
- Update to 2.45:
|
|
|
|
|
* [perl #118829] Memory leaks in STORABLE_attach (Vladimir Timofeev)
|
|
|
|
|
* [perl #118139] Don't SEGV during global destruction (Nicholas Clark,
|
|
|
|
|
report/test from Reini Urban)
|
|
|
|
|
* Added security warnings section (Steffen Mueller)
|
|
|
|
|
* Update INSTALLDIRS to favour installation in 'site' (James E Keenan)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Mar 6 13:34:55 UTC 2013 - vjt@openssl.it
|
|
|
|
|
|
|
|
|
|
- Update to 2.39
|
|
|
|
|
* prevent nfreeze from incorrectly stringifying integers (2.29)
|
|
|
|
|
* compatibility fixes for older versions of Perl and vstring handling
|
|
|
|
|
|
2011-06-04 21:31:21 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Jun 4 21:28:29 UTC 2011 - lars@linux-schulserver.de
|
|
|
|
|
|
|
|
|
|
- initial package 2.25
|
|
|
|
|
* created by cpanspec 1.78.03
|
|
|
|
|
|