Leo Lapworth

May 192013
 

The release of Perl 5.18.0 has been announced

You can find a full list of changes in the file “perldelta.pod” located in the “pod” directory inside the release and on the web.

Perl v5.18.0 represents approximately 12 months of development since Perl v5.16.0 and contains approximately 400,000 lines of changes across 2,100 files from 113 authors.

Perl continues to flourish into its third decade thanks to a vibrant community of users and developers.

Strawberry Perl 5.18.0.1 is available at http://strawberryperl.com (all editions: MSI, ZIP, PortableZIP for both: 32/64bit MS Windows)

May 052013
 

The Perlfoundation has announced the 2013Q2 Grant Proposals.

For this quarter, TPF Grants Committee have four different proposals. They invite the Perl Community to comment on the proposals and their relevance to the community. Comments on each grant on their specific page…

To submit your own proposal for the next round of grants see the guidelines and the current rules of operation. Then send your proposal to tpf-proposals@perl-foundation.org.

Apr 212013
 

Andy Lester has announced the release of ack 2.0. ack is designed to help programmers who need to search large amounts source code – fast.

ack was originally developed to be better than the unix grep (file pattern searcher) command, and as pointed out in the announcement is now trying to focus on going beyond even that.

ack is cross-platform and pure Perl – so will run on all platforms, including Windows, and is very easy to install.

For more information visit the ack website.

Apr 102013
 

Best Practical have announced an upgrade and new features for https://rt.cpan.org/.

https://rt.cpan.org/ is the issue tracking system available for every one of the 27,000+ open source distributions released through CPAN.

New features include:

  • Mobile support (also accessible from https://rt.cpan.org/m)
  • Preferred bug tracker information displayed prominently – if the module author wants to use a different tracker it is clearly displayed and linked to

See the announcement for the full list of improvements.

Mar 162013
 

PrePAN provides a place to discuss your modules.

It’s aim is to help with questions like…

  • Are there any similar modules?
  • I’m not confident about the implementation…
  • How can I distribute the module in keeping with CPAN’s conventions?
  • I want someone to review my module..

The PrePAN team recently made two announcements – PrePAN is now on AWS hosting, and they have also joined the MetaCPAN team.

MetaCPAN is an open source search engine for the Comprehensive Perl Archive Network (CPAN), an ever growing archive of code and documentation for the Perl programming language.

Mar 042013
 

The following message concerns a hash-related flaw in perl 5

This issue affects all production versions of perl from 5.8.2 to 5.16.x. It does not affect the upcoming perl 5.18.

In order to prevent an algorithmic complexity attack against its hashing mechanism, perl will sometimes recalculate keys and redistribute the contents of a hash.  This mechanism has made perl robust against attacks that have been demonstrated against other systems.

Research by Yves Orton has recently uncovered a flaw in the rehashing code which can result in pathological behavior.  This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys.

Because using user-provided strings as hash keys is a very common operation, we urge users of perl to update their perl executable as soon as possible.

Updates to address this issue have been pushed to maint-5.8, maint-5.10maint-5.12, maint-5.14, and maint-5.16 branches today, perl 5.14.4 and 5.16.3 will be released soon, including these fixes. There is no plan to make a new release of any other version.

Vendors* were informed of this problem two weeks ago and are expected to be shipping updates today (or otherwise very soon).

bleadperl is not affected.

This issue has been assigned the identifier CVE-2013-1667.