Home Debian Debian Unstable Upgrades To Perl 5.40

Debian Unstable Upgrades To Perl 5.40

By sk
227 views

Debian Unstable has been upgraded to Perl 5.40.0, bringing a range of new features, security updates, and bug fixes. Debian Developer Niko Tyni announced the transition on the Debian mailing list, noting that users should expect widespread uninstallability in sid (the codename for Debian Unstable) for a few days until the necessary rebuilds are completed.

The new Perl packages will first appear in Debian's Unstable branch. From there, they'll move to the Testing branch and are likely to be included in Debian's next stable release, probably next year.

Debian Unstable's upgrade to Perl 5.40.0 is a notable advancement. It introduces new language features, improves security, and fixes many bugs. Let us discuss some new features, enhancements and notable changes in Perl 5.40.

New Features in Perl 5.40.0

Perl 5.40.0 is a major release with several enhancements, including:

  • The class keyword: This new keyword enables developers to write more modern and object-oriented Perl code. Inside a method, ADJUST block, or field initializer expression, the __CLASS__ keyword yields the class name of the current object instance. This facilitates method dispatch, particularly within constructors where accessing $self is not permitted.
  • Space in -M command-line option: Perl now permits a space between the -M switch and the subsequent module name, mirroring the behaviour of the -I option.
  • Logical XOR operator (^^): A new logical XOR operator (^^) has been introduced, completing the set of logical and bitwise operators.
  • Stabilisation of try/catch and multi-value for iteration: Features introduced in previous versions, try/catch for exception handling and iterating over multiple values with for, are now considered stable and no longer trigger warnings.
  • Stabilisation of builtin module: The builtin module, introduced in Perl 5.36.0, is now deemed stable. However, some functions within the module remain experimental.
  • use v5.40 feature bundle: Using use v5.40; (or later) imports the corresponding feature bundle, including the recently stabilised try feature. Additionally, it imports the relevant builtin version bundle.

Security Enhancements

Two notable security vulnerabilities have been addressed in this release:

  • CVE-2023-47038: This vulnerability involved potential buffer overflow via a crafted regular expression. It has been patched in versions 5.30.0 through 5.38.0.
  • CVE-2023-47039: A binary hijacking vulnerability specific to Perl for Windows has been addressed. This vulnerability arose from Perl's reliance on the system path to locate cmd.exe, making it susceptible to exploitation by placing a malicious cmd.exe in a directory with weak permissions.

Notable Changes

The upgrade also includes some incompatible changes:

  • reset EXPR behaviour: reset EXPR now invokes "set-magic" on scalars, potentially causing changes to propagate to internal states or trigger exceptions.
  • Calling the import method of an undefined package: Calling import or unimport on an undefined class with an argument now generates a warning, aiding in the detection of typos and potential misuse.
  • Disallowing indirect objects with return: The return operator no longer permits indirect objects, eliminating a source of confusion.
  • Restriction on class barewords in method calls: Class barewords are no longer interpreted as file handles in specific method calls under the no feature "bareword_filehandles" condition.

Module Updates

Several core modules have been updated, with notable upgrades including:

  • Archive::Tar upgraded from 2.40 to 3.02_001.
  • Term::Table added to the core (version 0.018).
  • Test2::Suite added to the core (version 0.000162), providing tools for comprehensive unit testing.
  • builtin module: The load_module() function added.

Various other modules have received updates, including but not limited to bytes, Compress::Raw::Bzip2, Compress::Raw::Zlib, Data::Dumper, DB_File, Devel::Peek, Devel::PPPort, diagnostics, and many more.

The comprehensive list of changes is documented in the Perl delta document, which provides in-depth information for developers. If you encounter issues that you believe might be bugs, please follow the reporting instructions in https://github.com/Perl/perl5/issues.

Resource:

You May Also Like

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More