VSI-I64VMS-PERL528-V0528-1-1-RELNOTE.PDF

Perl v5.28.1 is a patch release that primarily focuses on security fixes and bug resolutions since v5.28.0.

Key updates include:

• Security: Two critical vulnerabilities have been addressed:

  • [CVE-2018-18311] An integer overflow in Perl_my_setenv() that could lead to a buffer overflow and segmentation fault.
  • [CVE-2018-18312] A heap-buffer-overflow during regular expression compilation in S_regatom which could allow arbitrary code execution.

• Bug Fixes: Several bugs have been resolved, including:

  • A warning caused by an index() optimization in when clauses.
  • Incorrect matching of decimal digits in script runs.
  • A directory handle leak in the in-place editing feature.

• Modules: Module::CoreList has been updated to version 5.20181129_28.

• Compatibility: There are no intentional incompatible changes from v5.28.0.

This release represents approximately five months of development with contributions from 12 authors. The document also provides information on how to report bugs (including security-sensitive ones) and thank contributors.