Import 5.22.2's perldelta

4 files changed, 392 insertions, 0 deletions

diff --git a/MANIFEST b/MANIFEST
index 3da311992a..c847f60e66 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -4644,6 +4644,7 @@ pod/perl5202delta.pod		Perl changes in version 5.20.2
 pod/perl5203delta.pod		Perl changes in version 5.20.3
 pod/perl5220delta.pod		Perl changes in version 5.22.0
 pod/perl5221delta.pod		Perl changes in version 5.22.1
+pod/perl5222delta.pod		Perl changes in version 5.22.2
 pod/perl561delta.pod		Perl changes in version 5.6.1
 pod/perl56delta.pod		Perl changes in version 5.6
 pod/perl581delta.pod		Perl changes in version 5.8.1
diff --git a/pod/perl.pod b/pod/perl.pod
index 638e8c935e..f6b7d79a87 100644
--- a/pod/perl.pod
+++ b/pod/perl.pod
@@ -180,6 +180,7 @@ aux c2ph h2ph h2xs perlbug pl2pm pod2html pod2man splain xsubpp
 
     perlhist		Perl history records
     perldelta		Perl changes since previous version
+    perl5222delta	Perl changes in version 5.22.2
     perl5221delta	Perl changes in version 5.22.1
     perl5220delta	Perl changes in version 5.22.0
     perl5203delta	Perl changes in version 5.20.3
diff --git a/pod/perl5222delta.pod b/pod/perl5222delta.pod
new file mode 100644
index 0000000000..034d5bc47c
--- /dev/null
+++ b/pod/perl5222delta.pod
@@ -0,0 +1,386 @@
+=encoding utf8
+
+=head1 NAME
+
+perl5222delta - what is new for perl v5.22.2
+
+=head1 DESCRIPTION
+
+This document describes differences between the 5.22.1 release and the 5.22.2
+release.
+
+If you are upgrading from an earlier release such as 5.22.0, first read
+L<perl5221delta>, which describes differences between 5.22.0 and 5.22.1.
+
+=head1 Security
+
+=head2 Fix out of boundary access in Win32 path handling
+
+This is CVE-2015-8608.  For more information see
+L<[perl #126755]|https://rt.perl.org/Ticket/Display.html?id=126755>.
+
+=head2 Fix loss of taint in C<canonpath()>
+
+This is CVE-2015-8607.  For more information see
+L<[perl #126862]|https://rt.perl.org/Ticket/Display.html?id=126862>.
+
+=head2 Set proper umask before calling C<mkstemp(3)>
+
+In 5.22.0 perl started setting umask to C<0600> before calling C<mkstemp(3)>
+and restoring it afterwards.  This wrongfully tells C<open(2)> to strip the
+owner read and write bits from the given mode before applying it, rather than
+the intended negation of leaving only those bits in place.
+
+Systems that use mode C<0666> in C<mkstemp(3)> (like old versions of glibc)
+create a file with permissions C<0066>, leaving world read and write permissions
+regardless of current umask.
+
+This has been fixed by using umask C<0177> instead.
+
+L<[perl #127322]|https://rt.perl.org/Ticket/Display.html?id=127322>
+
+=head2 Avoid accessing uninitialized memory in Win32 C<crypt()>
+
+Validation that will detect both a short salt and invalid characters in the
+salt has been added.
+
+L<[perl #126922]|https://rt.perl.org/Ticket/Display.html?id=126922>
+
+=head2 Remove duplicate environment variables from C<environ>
+
+Previously, if an environment variable appeared more than once in C<environ[]>,
+L<C<%ENV>|perlvar/%ENV> would contain the last entry for that name, while a
+typical C<getenv()> would return the first entry.  We now make sure C<%ENV>
+contains the same as what C<getenv()> returns.
+
+Secondly, we now remove duplicates from C<environ[]>, so if a setting with that
+name is set in C<%ENV> we won't pass an unsafe value to a child process.
+
+This is CVE-2016-2381.
+
+=head1 Incompatible Changes
+
+There are no changes intentionally incompatible with Perl 5.22.1.  If any
+exist, they are bugs, and we request that you submit a report.  See
+L</Reporting Bugs> below.
+
+=head1 Modules and Pragmata
+
+=head2 Updated Modules and Pragmata
+
+=over 4
+
+=item *
+
+L<File::Spec> has been upgraded from version 3.56 to 3.56_01.
+
+C<canonpath()> now preserves taint.  See L</"Fix loss of taint in
+C<canonpath()>">.
+
+=item *
+
+L<Module::CoreList> has been upgraded from version 5.20151213 to 5.20160429.
+
+The version number of L<Digest::SHA> listed for Perl 5.18.4 was wrong and has
+been corrected.  Likewise for the version number of L<Config> in 5.18.3 and
+5.18.4.
+L<[perl #127624]|https://rt.perl.org/Ticket/Display.html?id=127624>
+
+=back
+
+=head1 Documentation
+
+=head2 Changes to Existing Documentation
+
+=head3 L<perldiag>
+
+=over 4
+
+=item *
+
+The explanation of the warning "unable to close filehandle %s properly: %s"
+which can occur when doing an implicit close of a filehandle has been expanded
+and improved.
+
+=back
+
+=head3 L<perlfunc>
+
+=over 4
+
+=item *
+
+The documentation of L<C<hex()>|perlfunc/hex> has been revised to clarify valid
+inputs.
+
+=back
+
+=head1 Configuration and Compilation
+
+=over 4
+
+=item *
+
+Dtrace builds now build successfully on systems with a newer dtrace that
+require an input object file that uses the probes in the F<.d> file.
+
+Previously the probe would fail and cause a build failure.
+
+L<[perl #122287]|https://rt.perl.org/Ticket/Display.html?id=122287>
+
+=item *
+
+F<Configure> no longer probes for F<libnm> by default.  Originally this was the
+"New Math" library, but the name has been re-used by the GNOME NetworkManager.
+
+L<[perl #127131]|https://rt.perl.org/Ticket/Display.html?id=127131>
+
+=item *
+
+F<Configure> now knows about gcc 5.
+
+=item *
+
+Compiling perl with B<-DPERL_MEM_LOG> now works again.
+
+=back
+
+=head1 Platform Support
+
+=head2 Platform-Specific Notes
+
+=over 4
+
+=item Darwin
+
+Compiling perl with B<-Dusecbacktrace> on Darwin now works again.
+
+L<[perl #127764]|https://rt.perl.org/Ticket/Display.html?id=127764>
+
+=item OS X/Darwin
+
+Builds with both B<-DDEBUGGING> and threading enabled would fail with a "panic:
+free from wrong pool" error when built or tested from Terminal on OS X.  This
+was caused by perl's internal management of the environment conflicting with an
+atfork handler using the libc C<setenv()> function to update the environment.
+
+Perl now uses C<setenv()>/C<unsetenv()> to update the environment on OS X.
+
+L<[perl #126240]|https://rt.perl.org/Ticket/Display.html?id=126240>
+
+=item ppc64el
+
+The floating point format of ppc64el (Debian naming for little-endian PowerPC)
+is now detected correctly.
+
+=item Tru64
+
+A test failure in F<t/porting/extrefs.t> has been fixed.
+
+=back
+
+=head1 Internal Changes
+
+=over 4
+
+=item *
+
+An unwarranted assertion in C<Perl_newATTRSUB_x()> has been removed.  If a stub
+subroutine definition with a prototype has been seen, then any subsequent stub
+(or definition) of the same subroutine with an attribute was causing an
+assertion failure because of a null pointer.
+
+L<[perl #126845]|https://rt.perl.org/Ticket/Display.html?id=126845>
+
+=back
+
+=head1 Selected Bug Fixes
+
+=over 4
+
+=item *
+
+Calls to the placeholder C<&PL_sv_yes> used internally when an C<import()> or
+C<unimport()> method isn't found now correctly handle scalar context.
+L<[perl #126042]|https://rt.perl.org/Ticket/Display.html?id=126042>
+
+=item *
+
+The L<C<pipe()>|perlfunc/pipe> operator would assert for C<DEBUGGING> builds
+instead of producing the correct error message.  The condition asserted on is
+detected and reported on correctly without the assertions, so the assertions
+were removed.
+L<[perl #126480]|https://rt.perl.org/Ticket/Display.html?id=126480>
+
+=item *
+
+In some cases, failing to parse a here-doc would attempt to use freed memory.
+This was caused by a pointer not being restored correctly.
+L<[perl #126443]|https://rt.perl.org/Ticket/Display.html?id=126443>
+
+=item *
+
+Perl now reports more context when it sees an array where it expects to see an
+operator, and avoids an assertion failure.
+L<[perl #123737]|https://rt.perl.org/Ticket/Display.html?id=123737>
+
+=item *
+
+If a here-doc was found while parsing another operator, the parser had already
+read end of file, and the here-doc was not terminated, perl could produce an
+assertion or a segmentation fault.  This now reliably complains about the
+unterminated here-doc.
+L<[perl #125540]|https://rt.perl.org/Ticket/Display.html?id=125540>
+
+=item *
+
+Parsing beyond the end of the buffer when processing a C<#line> directive with
+no filename is now avoided.
+L<[perl #127334]|https://rt.perl.org/Ticket/Display.html?id=127334>
+
+=item *
+
+Perl 5.22.0 added support for the C99 hexadecimal floating point notation, but
+sometimes misparsed hex floats.  This has been fixed.
+L<[perl #127183]|https://rt.perl.org/Ticket/Display.html?id=127183>
+
+=item *
+
+Certain regex patterns involving a complemented posix class in an inverted
+bracketed character class, and matching something else optionally would
+improperly fail to match.  An example of one that could fail is
+C<qr/_?[^\Wbar]\x{100}/>.  This has been fixed.
+L<[perl #127537]|https://rt.perl.org/Ticket/Display.html?id=127537>
+
+=item *
+
+Fixed an issue with L<C<pack()>|perlfunc/pack> where C<< pack "H" >> (and
+C<< pack "h" >>) could read past the source when given a non-utf8 source and a
+utf8 target.
+L<[perl #126325]|https://rt.perl.org/Ticket/Display.html?id=126325>
+
+=item *
+
+Fixed some cases where perl would abort due to a segmentation fault, or a
+C-level assert.
+L<[perl #126193]|https://rt.perl.org/Ticket/Display.html?id=126193>
+L<[perl #126257]|https://rt.perl.org/Ticket/Display.html?id=126257>
+L<[perl #126258]|https://rt.perl.org/Ticket/Display.html?id=126258>
+L<[perl #126405]|https://rt.perl.org/Ticket/Display.html?id=126405>
+L<[perl #126602]|https://rt.perl.org/Ticket/Display.html?id=126602>
+L<[perl #127773]|https://rt.perl.org/Ticket/Display.html?id=127773>
+L<[perl #127786]|https://rt.perl.org/Ticket/Display.html?id=127786>
+
+=item *
+
+A memory leak when setting C<$ENV{foo}> on Darwin has been fixed.
+L<[perl #126240]|https://rt.perl.org/Ticket/Display.html?id=126240>
+
+=item *
+
+Perl now correctly raises an error when trying to compile patterns with
+unterminated character classes while there are trailing backslashes.
+L<[perl #126141]|https://rt.perl.org/Ticket/Display.html?id=126141>
+
+=item *
+
+C<NOTHING> regops and C<EXACTFU_SS> regops in C<make_trie()> are now handled
+properly.
+L<[perl #126206]|https://rt.perl.org/Ticket/Display.html?id=126206>
+
+=item *
+
+Perl now only tests C<semctl()> if we have everything needed to use it.  In
+FreeBSD the C<semctl()> entry point may exist, but it can be disabled by
+policy.
+L<[perl #127533]|https://rt.perl.org/Ticket/Display.html?id=127533>
+
+=item *
+
+A regression that allowed undeclared barewords as hash keys to work despite
+strictures has been fixed.
+L<[perl #126981]|https://rt.perl.org/Ticket/Display.html?id=126981>
+
+=item *
+
+As an optimization (introduced in Perl 5.20.0), L<C<uc()>|perlfunc/uc>,
+L<C<lc()>|perlfunc/lc>, L<C<ucfirst()>|perlfunc/ucfirst> and
+L<C<lcfirst()>|perlfunc/lcfirst> sometimes modify their argument in-place
+rather than returning a modified copy.  The criteria for this optimization has
+been made stricter to avoid these functions accidentally modifying in-place
+when they should not, which has been happening in some cases, e.g. in
+L<List::Util>.
+
+=item *
+
+Excessive memory usage in the compilation of some regular expressions involving
+non-ASCII characters has been reduced.  A more complete fix is forthcoming in
+Perl 5.24.0.
+
+=back
+
+=head1 Acknowledgements
+
+Perl 5.22.2 represents approximately 5 months of development since Perl 5.22.1
+and contains approximately 3,000 lines of changes across 110 files from 24
+authors.
+
+Excluding auto-generated files, documentation and release tools, there were
+approximately 1,500 lines of changes to 52 .pm, .t, .c and .h files.
+
+Perl continues to flourish into its third decade thanks to a vibrant community
+of users and developers.  The following people are known to have contributed
+the improvements that became Perl 5.22.2:
+
+Aaron Crane, Abigail, Andreas König, Aristotle Pagaltzis, Chris 'BinGOs'
+Williams, Craig A. Berry, Dagfinn Ilmari Mannsåker, David Golden, David
+Mitchell, H.Merijn Brand, James E Keenan, Jarkko Hietaniemi, Karen Etheridge,
+Karl Williamson, Matthew Horsfall, Niko Tyni, Ricardo Signes, Sawyer X, Stevan
+Little, Steve Hay, Todd Rinaldo, Tony Cook, Vladimir Timofeev, Yves Orton.
+
+The list above is almost certainly incomplete as it is automatically generated
+from version control history.  In particular, it does not include the names of
+the (very much appreciated) contributors who reported issues to the Perl bug
+tracker.
+
+Many of the changes included in this version originated in the CPAN modules
+included in Perl's core.  We're grateful to the entire CPAN community for
+helping Perl to flourish.
+
+For a more complete list of all of Perl's historical contributors, please see
+the F<AUTHORS> file in the Perl source distribution.
+
+=head1 Reporting Bugs
+
+If you find what you think is a bug, you might check the articles recently
+posted to the comp.lang.perl.misc newsgroup and the perl bug database at
+https://rt.perl.org/ .  There may also be information at http://www.perl.org/ ,
+the Perl Home Page.
+
+If you believe you have an unreported bug, please run the L<perlbug> program
+included with your release.  Be sure to trim your bug down to a tiny but
+sufficient test case.  Your bug report, along with the output of C<perl -V>,
+will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
+
+If the bug you are reporting has security implications, which make it
+inappropriate to send to a publicly archived mailing list, then please send it
+to perl5-security-report@perl.org.  This points to a closed subscription
+unarchived mailing list, which includes all the core committers, who will be
+able to help assess the impact of issues, figure out a resolution, and help
+co-ordinate the release of patches to mitigate or fix the problem across all
+platforms on which Perl is supported.  Please only use this address for
+security issues in the Perl core, not for modules independently distributed on
+CPAN.
+
+=head1 SEE ALSO
+
+The F<Changes> file for an explanation of how to view exhaustive details on
+what changed.
+
+The F<INSTALL> file for how to build Perl.
+
+The F<README> file for general stuff.
+
+The F<Artistic> and F<Copying> files for copyright information.
+
+=cut
diff --git a/win32/pod.mak b/win32/pod.mak
index 775af655e4..d143a52ea9 100644
--- a/win32/pod.mak
+++ b/win32/pod.mak
@@ -42,6 +42,7 @@ POD = perl.pod	\
 	perl5203delta.pod	\
 	perl5220delta.pod	\
 	perl5221delta.pod	\
+	perl5222delta.pod	\
 	perl5240delta.pod	\
 	perl561delta.pod	\
 	perl56delta.pod	\
@@ -179,6 +180,7 @@ MAN = perl.man	\
 	perl5203delta.man	\
 	perl5220delta.man	\
 	perl5221delta.man	\
+	perl5222delta.man	\
 	perl5240delta.man	\
 	perl561delta.man	\
 	perl56delta.man	\
@@ -316,6 +318,7 @@ HTML = perl.html	\
 	perl5203delta.html	\
 	perl5220delta.html	\
 	perl5221delta.html	\
+	perl5222delta.html	\
 	perl5240delta.html	\
 	perl561delta.html	\
 	perl56delta.html	\
@@ -453,6 +456,7 @@ TEX = perl.tex	\
 	perl5203delta.tex	\
 	perl5220delta.tex	\
 	perl5221delta.tex	\
+	perl5222delta.tex	\
 	perl5240delta.tex	\
 	perl561delta.tex	\
 	perl56delta.tex	\