Opened 3 weeks ago

Closed 3 weeks ago

#5898 closed enhancement (fixed)

perl-5.42.2

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: high Milestone: 13.1
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (5)

comment:1 by Bruce Dubbs, 3 weeks ago

Priority: normalhigh

[CVE-2026-4176] Vulnerability in Compress::Raw::Zlib

Compress::Raw::Zlib is included in Perl as a dual-life core module, and was vulnerable to [CVE-2026-3381 <https://www.cve.org/CVERecord?id=CVE-2026-3381>] due to a vendored version of zlib which had several vulnerabilities, including [CVE-2026-27171 <https://www.cve.org/CVERecord?id=CVE-2026-27171>].

comment:2 by Bruce Dubbs, 3 weeks ago

Incompatible Changes

There are no changes intentionally incompatible with 5.42.1. If any exist, they are bugs, and we request that you submit a report. See "Reporting Bugs" below.

Modules and Pragmata

Updated Modules and Pragmata

  • Compress::Raw::Zlib has been upgraded from version 2.213 to 2.222.
  • Module::CoreList has been upgraded from version 5.20260308 to

5.20260329_42.

Changes to Existing Documentation

We have attempted to update the documentation to reflect the changes listed in this document. If you find any we have missed, open an issue at <https://github.com/Perl/perl5/issues>.

Testing

Tests were added and changed to reflect the other additions and changes in this release.

comment:3 by Bruce Dubbs, 3 weeks ago

Fixed at commit 2c1f428b94 but leaving open for SA. 

XML-Parser-2.54
perl-5.42.2

comment:4 by Bruce Dubbs, 3 weeks ago

Owner: changed from lfs-book to Douglas R. Reno

comment:5 by Douglas R. Reno, 3 weeks ago

Resolution: fixed
Status: newclosed

SA-13.0-023 issued

Note: See TracTickets for help on using tickets.