Path: usenet.cise.ufl.edu!huron.eel.ufl.edu!usenet.eel.ufl.edu!spool.mu.edu!uwm.edu!vixen.cso.uiuc.edu!news2.chicago.iagnet.net!iagnet.net!128.223.220.30!logbridge.uoregon.edu!newsfeed.direct.ca!news.he.net!news.rain.net!news.teleport.com!not-for-mail
From: [email protected] (Tim Bunce)
Newsgroups: comp.lang.perl.announce,comp.lang.perl.misc
Subject: Perl 5.004_04 is available (Maintenance Release 4 for Perl5.004)
Followup-To: comp.lang.perl.misc
Date: 31 Oct 1997 17:45:49 GMT
Organization: Teleport - Portland's Public Access (503) 220-1016
Lines: 196
Sender: [email protected]
Approved: [email protected] (comp.lang.perl.announce)
Message-ID: <[email protected]>
NNTP-Posting-Host: gadget.cscaper.com
X-Disclaimer: The "Approved" header verifies header information for article transmission and does not imply approval of content.
Xref: usenet.cise.ufl.edu comp.lang.perl.announce:1 comp.lang.perl.misc:533


The Perl development team is pleased to announce the release of
Perl version 5.004_04:  A Maintenance Release for Perl 5.004.


WARNING: If you use tainting (-T and/or set-uid/gid) then security fixes
in this release may break working but possibly insecure scripts. See below.


BACKGROUND INFORMATION

Work on Perl has been split into separate development and maintenance
tracks from Perl 5.004 onwards.

The development track is focused on major enhancements to Perl and will
typically have a fairly long major release cycle. Work on 5.005 (which
will include threading and improved compiler support) is underway now.
Alpha releases for 5.005 have subversion numbers starting from 5.004_50.

The maintenance track is focussed on improving the quality of a given
Perl release (through bug fixes, documentation fixes and greater
portability etc) and will typically have a shorter release cycle.
Maintenance releases have subversion numbers starting from 5.004_01.

One goal of the maintenance track is that users should always feel
confident about installing a maintenance release subversion, such as
5.004_04, as an upgrade for the corresponding major version.


THIS RELEASE

The 5.004_02 and 5.004_03 maintenance releases were not formally
announced because they were found to have some problems soon after they
were made ready for release. The 5.004_04 release has been widely tested
on a great many platforms with no significant problems (but see below).

This release builds on the excellent work that went into the 5.004 and
later maintenance releases and adds these significant enhancements
(relative to 5.004_01):

BUG FIXES

 Major memory growth bug fixed. (Worth upgrading for this alone.)
 Fixed gaps in tainting (readdir, readlink, gecos, bit vector ops).
 Object destruction is more timely and orderly.
 DB_File now sub-classable (and other fixes).
 Fixed memory leak in splice(@_).
 Fixed debugger core dumps.

GREATER PORTABILITY

 Further major enhancements to Win32 support, including:
 Win32 binary compatibility between Visual C++ and Borland C++.
 Win32 handle leak fixed.
 The -S option is now more useful on dos/Win32 (see perlrun).
 Better support for Windows 95.
 Assorted hint file improvements for many platforms.

OTHER FIXES AND ENHANCEMENTS

 Internal integer to string conversions are faster.
 IO::Socket now sets autoflush by default.
 Run-time warnings in while loops now show correct line number.
 Carp can be forced to give stack traces (see perldoc Carp).
 Implicit -p print now checks for write errors.
 Memory usage stats available with perl's malloc (see perldelta).
 'use UNIVERSAL;' deprecated (see perldelta).
 perl --foo no longer silently ignored.
 Many assorted documentation improvements.
 Several perldoc bugs fixed, now faster and more helpful.
 And many many other bug fixes and enhancements.


KNOWN PROBLEMS / ISSUES / LATE BREAKING NEWS

 General: Important notes on taint changes not added to INSTALL.
          (see Changes to Tainting section below)
          Compile-time warnings in while loops may show "line 65535".
          (apply the one-line patch appended to the end of this message)
 Win32:   stat and -* file tests have problems on network drives.
 UNICOS9: Avoid using "Programming Environment version 3.0".
 AIX 4.1: May need to remove "-H512 -T512" from lddlflags in hints/aix.sh.
 IRIX:    Ignore the over-zelous compiler warnings from toke.c.
 GNU make: <=3.62 may say "No way to make target `sdbm/libsdbm.a'".

Many, if not all, will be fixed in the next maintenance release.


CHANGES TO TAINTING ** IMPORTANT - MAY 'BREAK' YOUR SCRIPTS **

This section is important to you if you use perl with tainting enabled
(either by running set-uid/set-gid script or using the -T flag).

Perl versions prior to 5.004_04 did not taint the results of readdir,
readlink or the gecos field of the getpw*() builtins. There were also
gaps in the handling of tainted data by bit vector ops.

Perl version 5.004_04 fixes these bugs and thus closes some potential
security holes. However, it is probable that these fixes will break a
number of existing working (but potentially insecure) scripts. The most
common cause of breakage being the tainting of readdir results.

If you run scripts with tainting enabled you should check those scripts
and, if required, carefully untaint the newly tainted data using the
methods described in the perlsec manual.

As an alternative you can compile perl with the -DINCOMPLETE_TAINTS
compiler option to remain 'bug compatible' with previous versions.
This is not recommended and will not be available with perl 5.005.


THINGS YOU NEED TO KNOW AND THINGS YOU NEED TO DO

[ These notes are primarily for people installing Perl for the first time
or upgrading from Perl 5.003 (or earlier). If you are upgrading a successful
5.004 installation then you should be able to follow the same procedure you
used before. ]

As usual it is *vital* that you read the file "INSTALL" before building this
release; it contains information you absolutely need to know.  For example,
"INSTALL" explains how you can install Perl without removing previous
version(s) of Perl, and how you can make this Perl binary-compatible with
Perl 5.003 (and why you have a choice).

There are several new functions and features in Perl 5.004, including a
small number of unavoidable incompatibilities.  See the change notices for
details, in the file "pod/perldelta.pod".  It is *highly* recommended that
you read "pod/perldelta.pod" before using this release if you have any
previous experience with Perl.

IF YOU HAVE ANY PROBLEMS

If you find a bug, please report it to us with the "perlbug" script in the
"utils" directory of the distribution.  Since you may have older versions
of "perlbug" installed, run it as "./perl utils/perlbug"; to display its
documentation, use the "-h" flag.  If you cannot send external E-Mail from
your development platform, you can still use "perlbug" to prepare the bug
report and save it to a file, which you should then mail to
<[email protected]>.

If Perl didn't even compile, then you won't be able to use "perlbug".
Instead, compose your bug report by hand, being sure to include the output
of the "myconfig" shell script included in the distribution, and mail it
to <[email protected]>. (Being sure to include the OUTPUT of the "myconfig"
shell script, NOT the myconfig script itself, and avoiding MIME or
uuencoding the result if possible.)

We re-emphasize: *Please* read "INSTALL" and "pod/perldelta.pod" carefully.
We are happy to answer questions, but our time is limited.  By reading the
excellent documentation included with Perl before asking for help, you will
save yourself time, you will save us time, and you will help us debug the
documentation.


WHERE TO FIND IT

You will find this release on CPAN, the Comprehensive Perl Archive Network.
The following URL at Tom Christiansen's web server (perl.com) will
automatically direct your request to a CPAN FTP site appropriate for your
location:

   http://www.perl.com/CPAN/src/5.0/perl5.004_04.tar.gz
   http://www.perl.com/CPAN/src/5.0/perl5.004_04.patch.gz

If you wish to retrieve the file entirely with HTTP, you can use this URL
at The Perl Institute (perl.org):

   http://www.perl.org/CPAN/src/5.0/perl5.004_04.tar.gz
   http://www.perl.org/CPAN/src/5.0/perl5.004_04.patch.gz

MD5 checksums:
   perl5.004_04.tar.gz   => '2618029201ad19cfb9a7d02a498eb1f4'
   perl5.004_04.patch.gz => '0e3b122cb100abd6286e1a08fd15ffa7'


Finally, to quote Douglas Adams: "Share and enjoy!"

       Signed,

       The Perl Development Team



Patch for compile-time warnings in while loops showing "line 65535":
Index: op.c
*************** OP *cont;
*** 2853,2856 ****
--- 2853,2857 ----

     if (expr) {
+       copline = whileline;
       scalar(listop);
       op = new_logop(OP_AND, 0, &expr, &listop);

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.