Add perldelta for 5.24.3

(manually cherry picked from commit c592f515473287ef2f6de4cec0ef64415c5c4960)

2 files changed, 336 insertions, 0 deletions

diff --git a/pod/perl.pod b/pod/perl.pod
index 8957d1d69f..4e4661e312 100644
--- a/pod/perl.pod
+++ b/pod/perl.pod
@@ -183,6 +183,7 @@ aux h2ph h2xs perlbug pl2pm pod2html pod2man splain xsubpp
     perldelta		Perl changes since previous version
     perl5261delta	Perl changes in version 5.26.1
     perl5260delta	Perl changes in version 5.26.0
+    perl5243delta	Perl changes in version 5.24.3
     perl5242delta	Perl changes in version 5.24.2
     perl5241delta	Perl changes in version 5.24.1
     perl5240delta	Perl changes in version 5.24.0
diff --git a/pod/perl5243delta.pod b/pod/perl5243delta.pod
new file mode 100644
index 0000000000..7aabed92b9
--- /dev/null
+++ b/pod/perl5243delta.pod
@@ -0,0 +1,335 @@
+=encoding utf8
+
+=head1 NAME
+
+perl5243delta - what is new for perl v5.24.3
+
+=head1 DESCRIPTION
+
+This document describes differences between the 5.24.2 release and the 5.24.3
+release.
+
+If you are upgrading from an earlier release such as 5.24.1, first read
+L<perl5242delta>, which describes differences between 5.24.1 and 5.24.2.
+
+=head1 Security
+
+=head2 [CVE-2017-12837] Heap buffer overflow in regular expression compiler
+
+Compiling certain regular expression patterns with the case-insensitive
+modifier could cause a heap buffer overflow and crash perl.  This has now been
+fixed.
+L<[perl #131582]|https://rt.perl.org/Public/Bug/Display.html?id=131582>
+
+=head2 [CVE-2017-12883] Buffer over-read in regular expression parser
+
+For certain types of syntax error in a regular expression pattern, the error
+message could either contain the contents of a random, possibly large, chunk of
+memory, or could crash perl.  This has now been fixed.
+L<[perl #131598]|https://rt.perl.org/Public/Bug/Display.html?id=131598>
+
+=head2 [CVE-2017-12814] C<$ENV{$key}> stack buffer overflow on Windows
+
+A possible stack buffer overflow in the C<%ENV> code on Windows has been fixed
+by removing the buffer completely since it was superfluous anyway.
+L<[perl #131665]|https://rt.perl.org/Public/Bug/Display.html?id=131665>
+
+=head1 Incompatible Changes
+
+There are no changes intentionally incompatible with 5.24.2.  If any exist,
+they are bugs, and we request that you submit a report.  See L</Reporting
+Bugs> below.
+
+=head1 Modules and Pragmata
+
+=head2 Updated Modules and Pragmata
+
+=over 4
+
+=item *
+
+L<Module::CoreList> has been upgraded from version 5.20170715_24 to
+5.20170922_24.
+
+=item *
+
+L<POSIX> has been upgraded from version 1.65 to 1.65_01.
+
+=item *
+
+L<Time::HiRes> has been upgraded from version 1.9733 to 1.9741.
+
+L<[perl #128427]|https://rt.perl.org/Public/Bug/Display.html?id=128427>
+L<[perl #128445]|https://rt.perl.org/Public/Bug/Display.html?id=128445>
+L<[perl #128972]|https://rt.perl.org/Public/Bug/Display.html?id=128972>
+L<[cpan #120032]|https://rt.cpan.org/Public/Bug/Display.html?id=120032>
+
+=back
+
+=head1 Configuration and Compilation
+
+=over 4
+
+=item *
+
+When building with GCC 6 and link-time optimization (the B<-flto> option to
+B<gcc>), F<Configure> was treating all probed symbols as present on the system,
+regardless of whether they actually exist.  This has been fixed.
+L<[perl #128131]|https://rt.perl.org/Public/Bug/Display.html?id=128131>
+
+=item *
+
+F<Configure> now aborts if both C<-Duselongdouble> and C<-Dusequadmath> are
+requested.
+L<[perl #126203]|https://rt.perl.org/Public/Bug/Display.html?id=126203>
+
+=item *
+
+Fixed a bug in which F<Configure> could append C<-quadmath> to the archname
+even if it was already present.
+L<[perl #128538]|https://rt.perl.org/Public/Bug/Display.html?id=128538>
+
+=item *
+
+Clang builds with C<-DPERL_GLOBAL_STRUCT> or C<-DPERL_GLOBAL_STRUCT_PRIVATE>
+have been fixed (by disabling Thread Safety Analysis for these configurations).
+
+=back
+
+=head1 Platform Support
+
+=head2 Platform-Specific Notes
+
+=over 4
+
+=item VMS
+
+=over 4
+
+=item *
+
+C<configure.com> now recognizes the VSI-branded C compiler.
+
+=back
+
+=item Windows
+
+=over 4
+
+=item *
+
+Building XS modules with GCC 6 in a 64-bit build of Perl failed due to
+incorrect mapping of C<strtoll> and C<strtoull>.  This has now been fixed.
+L<[perl #131726]|https://rt.perl.org/Public/Bug/Display.html?id=131726>
+L<[cpan #121683]|https://rt.cpan.org/Public/Bug/Display.html?id=121683>
+L<[cpan #122353]|https://rt.cpan.org/Public/Bug/Display.html?id=122353>
+
+=back
+
+=back
+
+=head1 Selected Bug Fixes
+
+=over 4
+
+=item *
+
+C<< /@0{0*-E<gt>@*/*0 >> and similar contortions used to crash, but no longer
+do, but merely produce a syntax error.
+L<[perl #128171]|https://rt.perl.org/Public/Bug/Display.html?id=128171>
+
+=item *
+
+C<do> or C<require> with an argument which is a reference or typeglob which,
+when stringified, contains a null character, started crashing in Perl 5.20, but
+has now been fixed.
+L<[perl #128182]|https://rt.perl.org/Public/Bug/Display.html?id=128182>
+
+=item *
+
+Expressions containing an C<&&> or C<||> operator (or their synonyms C<and> and
+C<or>) were being compiled incorrectly in some cases.  If the left-hand side
+consisted of either a negated bareword constant or a negated C<do {}> block
+containing a constant expression, and the right-hand side consisted of a
+negated non-foldable expression, one of the negations was effectively ignored.
+The same was true of C<if> and C<unless> statement modifiers, though with the
+left-hand and right-hand sides swapped.  This long-standing bug has now been
+fixed.
+L<[perl #127952]|https://rt.perl.org/Public/Bug/Display.html?id=127952>
+
+=item *
+
+C<reset> with an argument no longer crashes when encountering stash entries
+other than globs.
+L<[perl #128106]|https://rt.perl.org/Public/Bug/Display.html?id=128106>
+
+=item *
+
+Assignment of hashes to, and deletion of, typeglobs named C<*::::::> no longer
+causes crashes.
+L<[perl #128086]|https://rt.perl.org/Public/Bug/Display.html?id=128086>
+
+=item *
+
+Assignment variants of any bitwise ops under the C<bitwise> feature would crash
+if the left-hand side was an array or hash.
+L<[perl #128204]|https://rt.perl.org/Public/Bug/Display.html?id=128204>
+
+=item *
+
+C<socket> now leaves the error code returned by the system in C<$!> on failure.
+L<[perl #128316]|https://rt.perl.org/Public/Bug/Display.html?id=128316>
+
+=item *
+
+Parsing bad POSIX charclasses no longer leaks memory.
+L<[perl #128313]|https://rt.perl.org/Public/Bug/Display.html?id=128313>
+
+=item *
+
+Since Perl 5.20, line numbers have been off by one when perl is invoked with
+the B<-x> switch.  This has been fixed.
+L<[perl #128508]|https://rt.perl.org/Public/Bug/Display.html?id=128508>
+
+=item *
+
+Some obscure cases of subroutines and file handles being freed at the same time
+could result in crashes, but have been fixed.  The crash was introduced in Perl
+5.22.
+L<[perl #128597]|https://rt.perl.org/Public/Bug/Display.html?id=128597>
+
+=item *
+
+Some regular expression parsing glitches could lead to assertion failures with
+regular expressions such as C</(?E<lt>=/> and C</(?E<lt>!/>.  This has now been
+fixed.
+L<[perl #128170]|https://rt.perl.org/Public/Bug/Display.html?id=128170>
+
+=item *
+
+C<gethostent> and similar functions now perform a null check internally, to
+avoid crashing with the torsocks library.  This was a regression from Perl
+5.22.
+L<[perl #128740]|https://rt.perl.org/Public/Bug/Display.html?id=128740>
+
+=item *
+
+Mentioning the same constant twice in a row (which is a syntax error) no longer
+fails an assertion under debugging builds.  This was a regression from Perl
+5.20.
+L<[perl #126482]|https://rt.perl.org/Public/Bug/Display.html?id=126482>
+
+=item *
+
+In Perl 5.24 C<fchown> was changed not to accept negative one as an argument
+because in some platforms that is an error.  However, in some other platforms
+that is an acceptable argument.  This change has been reverted.
+L<[perl #128967]|https://rt.perl.org/Public/Bug/Display.html?id=128967>.
+
+=item *
+
+C<@{x> followed by a newline where C<"x"> represents a control or non-ASCII
+character no longer produces a garbled syntax error message or a crash.
+L<[perl #128951]|https://rt.perl.org/Public/Bug/Display.html?id=128951>
+
+=item *
+
+A regression in Perl 5.24 with C<tr/\N{U+...}/foo/> when the code point was
+between 128 and 255 has been fixed.
+L<[perl #128734]|https://rt.perl.org/Public/Bug/Display.html?id=128734>.
+
+=item *
+
+Many issues relating to C<printf "%a"> of hexadecimal floating point were
+fixed.  In addition, the "subnormals" (formerly known as "denormals") floating
+point numbers are now supported both with the plain IEEE 754 floating point
+numbers (64-bit or 128-bit) and the x86 80-bit "extended precision".  Note that
+subnormal hexadecimal floating point literals will give a warning about
+"exponent underflow".
+L<[perl #128843]|https://rt.perl.org/Public/Bug/Display.html?id=128843>
+L<[perl #128888]|https://rt.perl.org/Public/Bug/Display.html?id=128888>
+L<[perl #128889]|https://rt.perl.org/Public/Bug/Display.html?id=128889>
+L<[perl #128890]|https://rt.perl.org/Public/Bug/Display.html?id=128890>
+L<[perl #128893]|https://rt.perl.org/Public/Bug/Display.html?id=128893>
+L<[perl #128909]|https://rt.perl.org/Public/Bug/Display.html?id=128909>
+L<[perl #128919]|https://rt.perl.org/Public/Bug/Display.html?id=128919>
+
+=item *
+
+The parser could sometimes crash if a bareword came after C<evalbytes>.
+L<[perl #129196]|https://rt.perl.org/Public/Bug/Display.html?id=129196>
+
+=item *
+
+Fixed a place where the regex parser was not setting the syntax error correctly
+on a syntactically incorrect pattern.
+L<[perl #129122]|https://rt.perl.org/Public/Bug/Display.html?id=129122>
+
+=item *
+
+A vulnerability in Perl's C<sprintf> implementation has been fixed by avoiding
+a possible memory wrap.
+L<[perl #131260]|https://rt.perl.org/Public/Bug/Display.html?id=131260>
+
+=back
+
+=head1 Acknowledgements
+
+Perl 5.24.3 represents approximately 2 months of development since Perl 5.24.2
+and contains approximately 3,200 lines of changes across 120 files from 23
+authors.
+
+Excluding auto-generated files, documentation and release tools, there were
+approximately 1,600 lines of changes to 56 .pm, .t, .c and .h files.
+
+Perl continues to flourish into its third decade thanks to a vibrant community
+of users and developers.  The following people are known to have contributed
+the improvements that became Perl 5.24.3:
+
+Aaron Crane, Craig A. Berry, Dagfinn Ilmari Mannsåker, Dan Collins, Daniel
+Dragan, Dave Cross, David Mitchell, Eric Herman, Father Chrysostomos, H.Merijn
+Brand, Hugo van der Sanden, James E Keenan, Jarkko Hietaniemi, John SJ
+Anderson, Karl Williamson, Ken Brown, Lukas Mai, Matthew Horsfall, Stevan
+Little, Steve Hay, Steven Humphrey, Tony Cook, Yves Orton.
+
+The list above is almost certainly incomplete as it is automatically generated
+from version control history.  In particular, it does not include the names of
+the (very much appreciated) contributors who reported issues to the Perl bug
+tracker.
+
+Many of the changes included in this version originated in the CPAN modules
+included in Perl's core.  We're grateful to the entire CPAN community for
+helping Perl to flourish.
+
+For a more complete list of all of Perl's historical contributors, please see
+the F<AUTHORS> file in the Perl source distribution.
+
+=head1 Reporting Bugs
+
+If you find what you think is a bug, you might check the articles recently
+posted to the comp.lang.perl.misc newsgroup and the perl bug database at
+L<https://rt.perl.org/> .  There may also be information at
+L<http://www.perl.org/> , the Perl Home Page.
+
+If you believe you have an unreported bug, please run the L<perlbug> program
+included with your release.  Be sure to trim your bug down to a tiny but
+sufficient test case.  Your bug report, along with the output of C<perl -V>,
+will be sent off to perlbug@perl.org to be analysed by the Perl porting team.
+
+If the bug you are reporting has security implications which make it
+inappropriate to send to a publicly archived mailing list, then see
+L<perlsec/SECURITY VULNERABILITY CONTACT INFORMATION> for details of how to
+report the issue.
+
+=head1 SEE ALSO
+
+The F<Changes> file for an explanation of how to view exhaustive details on
+what changed.
+
+The F<INSTALL> file for how to build Perl.
+
+The F<README> file for general stuff.
+
+The F<Artistic> and F<Copying> files for copyright information.
+
+=cut