--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: buster-pu: package perl/5.28.1-6+deb10u1
- From: Dominic Hargreaves <dom@earth.li>
- Date: Thu, 04 Jun 2020 22:34:29 +0100
- Message-id: <159130646969.831.2847979854396815482.reportbug@urchin.earth.li>
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
As per #962234 for stretch and my remarks on #961443 I'd like to
uploaded a targeted fix for these no-dsa security issues:
https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod
We can come back to #961443 when we're happy that the upgrade issues
have been solved.
Cheers
Dominic
diff --git a/cpan/IO-Socket-IP/t/01local-client-v4.t b/cpan/IO-Socket-IP/t/01local-client-v4.t
index 7ab7156993..f6aeac4c3b 100644
--- a/cpan/IO-Socket-IP/t/01local-client-v4.t
+++ b/cpan/IO-Socket-IP/t/01local-client-v4.t
@@ -8,7 +8,7 @@ use Test::More;
use IO::Socket::IP;
use IO::Socket::INET;
-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
+use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
# Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
# establish a baseline first to test against
@@ -29,12 +29,14 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
LocalHost => "127.0.0.1",
Type => Socket->$socktype,
Proto => ( $socktype eq "SOCK_STREAM" ? "tcp" : "udp" ), # Because IO::Socket::INET is stupid and always presumes tcp
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $@";
my $socket = IO::Socket::IP->new(
PeerHost => "127.0.0.1",
PeerService => $testserver->sockport,
Type => Socket->$socktype,
+ GetAddrInfoFlags => AI_NUMERICHOST,
);
ok( defined $socket, "IO::Socket::IP->new constructs a $socktype socket" ) or
diff --git a/cpan/IO-Socket-IP/t/02local-server-v4.t b/cpan/IO-Socket-IP/t/02local-server-v4.t
index c0d349f573..fb711f08bd 100644
--- a/cpan/IO-Socket-IP/t/02local-server-v4.t
+++ b/cpan/IO-Socket-IP/t/02local-server-v4.t
@@ -8,7 +8,7 @@ use Test::More;
use IO::Socket::IP;
use IO::Socket::INET;
-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
+use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
# Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
# establish a baseline first to test against
@@ -29,6 +29,7 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
LocalHost => "127.0.0.1",
LocalPort => "0",
Type => Socket->$socktype,
+ GetAddrInfoFlags => AI_NUMERICHOST,
);
ok( defined $testserver, "IO::Socket::IP->new constructs a $socktype socket" ) or
diff --git a/cpan/IO-Socket-IP/t/03local-cross-v4.t b/cpan/IO-Socket-IP/t/03local-cross-v4.t
index 8cac72a95b..3e8174ee08 100644
--- a/cpan/IO-Socket-IP/t/03local-cross-v4.t
+++ b/cpan/IO-Socket-IP/t/03local-cross-v4.t
@@ -6,6 +6,7 @@ use warnings;
use Test::More;
use IO::Socket::IP;
+use Socket qw(AI_NUMERICHOST);
foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
my $testserver = IO::Socket::IP->new(
@@ -13,12 +14,14 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
LocalHost => "127.0.0.1",
LocalPort => "0",
Type => Socket->$socktype,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $@";
my $socket = IO::Socket::IP->new(
PeerHost => "127.0.0.1",
PeerService => $testserver->sockport,
Type => Socket->$socktype,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot connect on PF_INET - $@";
my $testclient = ( $socktype eq "SOCK_STREAM" ) ?
diff --git a/cpan/IO-Socket-IP/t/11sockopts.t b/cpan/IO-Socket-IP/t/11sockopts.t
index 5b850924dd..28daada89f 100644
--- a/cpan/IO-Socket-IP/t/11sockopts.t
+++ b/cpan/IO-Socket-IP/t/11sockopts.t
@@ -8,7 +8,7 @@ use Test::More;
use IO::Socket::IP;
use Errno qw( EACCES );
-use Socket qw( SOL_SOCKET SO_REUSEADDR SO_REUSEPORT SO_BROADCAST );
+use Socket qw( SOL_SOCKET SO_REUSEADDR SO_REUSEPORT SO_BROADCAST AI_NUMERICHOST);
TODO: {
local $TODO = "SO_REUSEADDR doesn't appear to work on cygwin smokers" if $^O eq "cygwin";
@@ -21,6 +21,7 @@ TODO: {
Type => SOCK_STREAM,
Listen => 1,
ReuseAddr => 1,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot socket() - $@";
ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEADDR ), 'SO_REUSEADDR set' );
@@ -32,6 +33,7 @@ TODO: {
Sockopts => [
[ SOL_SOCKET, SO_REUSEADDR ],
],
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot socket() - $@";
ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEADDR ), 'SO_REUSEADDR set via Sockopts' );
@@ -50,6 +52,7 @@ SKIP: {
Type => SOCK_STREAM,
Listen => 1,
ReusePort => 1,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot socket() - $@";
ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEPORT ), 'SO_REUSEPORT set' );
@@ -62,6 +65,7 @@ SKIP: {
LocalHost => "127.0.0.1",
Type => SOCK_DGRAM,
Broadcast => 1,
+ GetAddrInfoFlags => AI_NUMERICHOST,
);
skip "Privileges required to set broadcast on datagram socket", 1 if !$sock and $! == EACCES;
die "Cannot socket() - $@" unless $sock;
diff --git a/cpan/IO-Socket-IP/t/18fdopen.t b/cpan/IO-Socket-IP/t/18fdopen.t
index 20cbe46d47..6843a2c3d2 100644
--- a/cpan/IO-Socket-IP/t/18fdopen.t
+++ b/cpan/IO-Socket-IP/t/18fdopen.t
@@ -6,12 +6,13 @@ use warnings;
use Test::More;
use IO::Socket::IP;
-use Socket qw( SOCK_STREAM );
+use Socket qw( SOCK_STREAM AI_NUMERICHOST );
my $s1 = IO::Socket::IP->new(
LocalHost => "127.0.0.1",
Type => SOCK_STREAM,
Listen => 1,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on AF_INET - $@";
my $s2 = IO::Socket::IP->new;
diff --git a/cpan/IO-Socket-IP/t/20subclass.t b/cpan/IO-Socket-IP/t/20subclass.t
index 231bd52cab..fbc9cff23e 100644
--- a/cpan/IO-Socket-IP/t/20subclass.t
+++ b/cpan/IO-Socket-IP/t/20subclass.t
@@ -6,16 +6,19 @@ use warnings;
use Test::More;
use IO::Socket::IP;
+use Socket qw( AI_NUMERICHOST );
my $server = IO::Socket::IP->new(
Listen => 1,
LocalHost => "127.0.0.1",
LocalPort => 0,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $!";
my $client = IO::Socket::IP->new(
PeerHost => $server->sockhost,
PeerPort => $server->sockport,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot connect on PF_INET - $!";
my $accepted = $server->accept( 'MySubclass' )
diff --git a/cpan/IO-Socket-IP/t/21as-inet.t b/cpan/IO-Socket-IP/t/21as-inet.t
index 2b8713d46f..fedb8be538 100644
--- a/cpan/IO-Socket-IP/t/21as-inet.t
+++ b/cpan/IO-Socket-IP/t/21as-inet.t
@@ -6,16 +6,19 @@ use warnings;
use Test::More;
use IO::Socket::IP;
+use Socket qw( AI_NUMERICHOST );
my $server = IO::Socket::IP->new(
Listen => 1,
LocalHost => "127.0.0.1",
LocalPort => 0,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $!";
my $client = IO::Socket::IP->new(
PeerHost => $server->sockhost,
PeerPort => $server->sockport,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot connect on PF_INET - $!";
my $accepted = $server->accept
diff --git a/cpan/IO-Socket-IP/t/22timeout.t b/cpan/IO-Socket-IP/t/22timeout.t
index a4c28b3af0..c4a08f5d1f 100644
--- a/cpan/IO-Socket-IP/t/22timeout.t
+++ b/cpan/IO-Socket-IP/t/22timeout.t
@@ -6,17 +6,20 @@ use warnings;
use Test::More;
use IO::Socket::IP;
+use Socket qw( AI_NUMERICHOST );
my $server = IO::Socket::IP->new(
Listen => 1,
LocalHost => "127.0.0.1",
LocalPort => 0,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $!";
my $client = IO::Socket::IP->new(
PeerHost => $server->sockhost,
PeerPort => $server->sockport,
Timeout => 0.1,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot connect on PF_INET - $!";
ok( defined $client, 'client constructed with Timeout' );
diff --git a/cpan/IO-Socket-IP/t/30nonblocking-connect.t b/cpan/IO-Socket-IP/t/30nonblocking-connect.t
index 518bd2ebd8..ade8349354 100644
--- a/cpan/IO-Socket-IP/t/30nonblocking-connect.t
+++ b/cpan/IO-Socket-IP/t/30nonblocking-connect.t
@@ -8,7 +8,7 @@ use Test::More;
use IO::Socket::IP;
use IO::Socket::INET;
-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
+use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
use Errno qw( EINPROGRESS EWOULDBLOCK );
# Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
@@ -27,6 +27,7 @@ my $testserver = IO::Socket::INET->new(
Listen => 1,
LocalHost => "127.0.0.1",
Type => SOCK_STREAM,
+ GetAddrInfoFlags => AI_NUMERICHOST,
) or die "Cannot listen on PF_INET - $@";
my $socket = IO::Socket::IP->new(
@@ -34,6 +35,7 @@ my $socket = IO::Socket::IP->new(
PeerService => $testserver->sockport,
Type => SOCK_STREAM,
Blocking => 0,
+ GetAddrInfoFlags => AI_NUMERICHOST,
);
ok( defined $socket, 'IO::Socket::IP->new( Blocking => 0 ) constructs a socket' ) or
diff --git a/debian/.git-dpm b/debian/.git-dpm
index b25cde2302..61325f837a 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-c13d09cc35d629482559ef95109cb92e09f6a8e8
-c13d09cc35d629482559ef95109cb92e09f6a8e8
+b13b2eb99ca0d8286d45d09a5439dc25d39ea18b
+b13b2eb99ca0d8286d45d09a5439dc25d39ea18b
533cd3622b6a61a362e7538a26e25b244ca799f2
533cd3622b6a61a362e7538a26e25b244ca799f2
perl_5.28.1.orig.tar.xz
diff --git a/debian/changelog b/debian/changelog
index b3fe7a3ca0..d6e1f27d66 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+perl (5.28.1-6+deb10u1) UNRELEASED; urgency=medium
+
+ * Multiple regexp security fixes (Closes: #962005)
+ + [SECURITY] CVE-2020-10543: Buffer overflow caused by a crafted
+ regular expression
+ + [SECURITY] CVE-2020-10878: Integer overflow via malformed bytecode
+ produced by a crafted regular expression
+ + [SECURITY] CVE-2020-12723: Buffer overflow caused by a crafted
+ regular expression
+ * Fix FTBFS with IPv6-only host (Closes: #962019)
+ * Fix test failure with certain sbuild configurations (Closes: #930095)
+
+ -- Dominic Hargreaves <dom@earth.li> Wed, 03 Jun 2020 23:08:14 +0100
+
perl (5.28.1-6) unstable; urgency=medium
* Fix NDBM autopkgtests by recreating necessary hardlinks at test time
diff --git a/debian/patches/debian/configure-regen.diff b/debian/patches/debian/configure-regen.diff
index bf586b9bc0..d1e822e593 100644
--- a/debian/patches/debian/configure-regen.diff
+++ b/debian/patches/debian/configure-regen.diff
@@ -10,7 +10,7 @@ Bug-Debian: https://bugs.debian.org/762638
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/Configure b/Configure
-index 3be9f05b7..437b8afc5 100755
+index 3be9f05b7d..437b8afc57 100755
--- a/Configure
+++ b/Configure
@@ -1483,8 +1483,7 @@ archname=''
diff --git a/debian/patches/debian/cpan-missing-site-dirs.diff b/debian/patches/debian/cpan-missing-site-dirs.diff
index d2e43f7083..5df228a1c9 100644
--- a/debian/patches/debian/cpan-missing-site-dirs.diff
+++ b/debian/patches/debian/cpan-missing-site-dirs.diff
@@ -18,7 +18,7 @@ Patch-Name: debian/cpan-missing-site-dirs.diff
1 file changed, 27 insertions(+), 4 deletions(-)
diff --git a/cpan/CPAN/lib/CPAN/FirstTime.pm b/cpan/CPAN/lib/CPAN/FirstTime.pm
-index cdf1dc220..bdb7899bb 100644
+index cdf1dc220d..bdb7899bb9 100644
--- a/cpan/CPAN/lib/CPAN/FirstTime.pm
+++ b/cpan/CPAN/lib/CPAN/FirstTime.pm
@@ -2067,11 +2067,34 @@ sub _print_urllist {
diff --git a/debian/patches/debian/cpan_definstalldirs.diff b/debian/patches/debian/cpan_definstalldirs.diff
index 45b518a0ec..571bd437fa 100644
--- a/debian/patches/debian/cpan_definstalldirs.diff
+++ b/debian/patches/debian/cpan_definstalldirs.diff
@@ -14,7 +14,7 @@ Patch-Name: debian/cpan_definstalldirs.diff
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cpan/CPAN/lib/CPAN/FirstTime.pm b/cpan/CPAN/lib/CPAN/FirstTime.pm
-index 49fa8ab7b..cdf1dc220 100644
+index 49fa8ab7b9..cdf1dc220d 100644
--- a/cpan/CPAN/lib/CPAN/FirstTime.pm
+++ b/cpan/CPAN/lib/CPAN/FirstTime.pm
@@ -1033,7 +1033,7 @@ sub init {
diff --git a/debian/patches/debian/db_file_ver.diff b/debian/patches/debian/db_file_ver.diff
index 89c8a8e0b7..e999e32e40 100644
--- a/debian/patches/debian/db_file_ver.diff
+++ b/debian/patches/debian/db_file_ver.diff
@@ -13,7 +13,7 @@ Patch-Name: debian/db_file_ver.diff
1 file changed, 2 insertions(+)
diff --git a/cpan/DB_File/version.c b/cpan/DB_File/version.c
-index e01f6f6fa..544e6ee8f 100644
+index e01f6f6fa3..544e6ee8fb 100644
--- a/cpan/DB_File/version.c
+++ b/cpan/DB_File/version.c
@@ -48,6 +48,7 @@ __getBerkeleyDBInfo()
diff --git a/debian/patches/debian/deprecate-with-apt.diff b/debian/patches/debian/deprecate-with-apt.diff
index 42a1115d36..64ae29c7d2 100644
--- a/debian/patches/debian/deprecate-with-apt.diff
+++ b/debian/patches/debian/deprecate-with-apt.diff
@@ -10,7 +10,7 @@ Patch-Name: debian/deprecate-with-apt.diff
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/lib/deprecate.pm b/lib/deprecate.pm
-index 47bc11253..01d48fa6c 100644
+index 47bc11253e..01d48fa6cc 100644
--- a/lib/deprecate.pm
+++ b/lib/deprecate.pm
@@ -7,6 +7,16 @@ our $VERSION = 0.03;
diff --git a/debian/patches/debian/disable-stack-check.diff b/debian/patches/debian/disable-stack-check.diff
index 113a13ac6e..5ab9649025 100644
--- a/debian/patches/debian/disable-stack-check.diff
+++ b/debian/patches/debian/disable-stack-check.diff
@@ -21,7 +21,7 @@ Patch-Name: debian/disable-stack-check.diff
2 files changed, 6 insertions(+)
diff --git a/dump.c b/dump.c
-index 227eb996e..4e1c594ce 100644
+index 227eb996ee..4e1c594ce8 100644
--- a/dump.c
+++ b/dump.c
@@ -2500,6 +2500,8 @@ Perl_runops_debug(pTHX)
@@ -42,7 +42,7 @@ index 227eb996e..4e1c594ce 100644
if (PL_debug) {
ENTER;
diff --git a/pp_hot.c b/pp_hot.c
-index 56e3cbe6e..f4e1ae726 100644
+index 56e3cbe6e1..f4e1ae726d 100644
--- a/pp_hot.c
+++ b/pp_hot.c
@@ -5232,6 +5232,8 @@ PP(pp_entersub)
diff --git a/debian/patches/debian/doc_info.diff b/debian/patches/debian/doc_info.diff
index 72b85ad5c4..2fa047b7f1 100644
--- a/debian/patches/debian/doc_info.diff
+++ b/debian/patches/debian/doc_info.diff
@@ -11,7 +11,7 @@ Patch-Name: debian/doc_info.diff
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/pod/perl.pod b/pod/perl.pod
-index fbbb952b6..bc0f531f8 100644
+index fbbb952b6b..bc0f531f86 100644
--- a/pod/perl.pod
+++ b/pod/perl.pod
@@ -295,8 +295,16 @@ aux h2ph h2xs perlbug pl2pm pod2html pod2man splain xsubpp
diff --git a/debian/patches/debian/enc2xs_inc.diff b/debian/patches/debian/enc2xs_inc.diff
index aaaaa8e2e2..c91c2b14cb 100644
--- a/debian/patches/debian/enc2xs_inc.diff
+++ b/debian/patches/debian/enc2xs_inc.diff
@@ -17,7 +17,7 @@ Patch-Name: debian/enc2xs_inc.diff
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/cpan/Encode/bin/enc2xs b/cpan/Encode/bin/enc2xs
-index 619b64b75..050c863ef 100644
+index 619b64b757..050c863ef9 100644
--- a/cpan/Encode/bin/enc2xs
+++ b/cpan/Encode/bin/enc2xs
@@ -1013,11 +1013,11 @@ use vars qw(
@@ -53,7 +53,7 @@ index 619b64b75..050c863ef 100644
for my $enc ( sort keys %LocalMod ) {
$_ModLines .=
diff --git a/t/porting/customized.t b/t/porting/customized.t
-index d425e5b77..d906a8255 100644
+index d425e5b775..d906a82553 100644
--- a/t/porting/customized.t
+++ b/t/porting/customized.t
@@ -108,8 +108,11 @@ foreach my $module ( sort keys %Modules ) {
diff --git a/debian/patches/debian/errno_ver.diff b/debian/patches/debian/errno_ver.diff
index 73b802e147..1a09f063f7 100644
--- a/debian/patches/debian/errno_ver.diff
+++ b/debian/patches/debian/errno_ver.diff
@@ -16,7 +16,7 @@ Patch-Name: debian/errno_ver.diff
1 file changed, 16 deletions(-)
diff --git a/ext/Errno/Errno_pm.PL b/ext/Errno/Errno_pm.PL
-index d565f31b2..6a0031f0f 100644
+index d565f31b2f..6a0031f0f7 100644
--- a/ext/Errno/Errno_pm.PL
+++ b/ext/Errno/Errno_pm.PL
@@ -288,22 +288,6 @@ package Errno;
diff --git a/debian/patches/debian/extutils_set_libperl_path.diff b/debian/patches/debian/extutils_set_libperl_path.diff
index 317221ded5..3b9b715fbb 100644
--- a/debian/patches/debian/extutils_set_libperl_path.diff
+++ b/debian/patches/debian/extutils_set_libperl_path.diff
@@ -12,7 +12,7 @@ Patch-Name: debian/extutils_set_libperl_path.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index dbb8651a9..780e390cd 100644
+index dbb8651a9f..780e390cd9 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -2564,7 +2564,7 @@ MAP_PRELIBS = $Config{perllibs} $Config{cryptlib}
diff --git a/debian/patches/debian/fakeroot.diff b/debian/patches/debian/fakeroot.diff
index 5b4c7c422b..c99a48fcd9 100644
--- a/debian/patches/debian/fakeroot.diff
+++ b/debian/patches/debian/fakeroot.diff
@@ -16,7 +16,7 @@ Patch-Name: debian/fakeroot.diff
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/Makefile.SH b/Makefile.SH
-index 519700929..48151bce6 100755
+index 5197009290..48151bce65 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -48,10 +48,7 @@ case "$useshrplib" in
diff --git a/debian/patches/debian/find_html2text.diff b/debian/patches/debian/find_html2text.diff
index cb56d1e692..23fce578f5 100644
--- a/debian/patches/debian/find_html2text.diff
+++ b/debian/patches/debian/find_html2text.diff
@@ -21,7 +21,7 @@ functionality].
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpan/CPAN/lib/CPAN/Distribution.pm b/cpan/CPAN/lib/CPAN/Distribution.pm
-index 72101afc7..9f896584d 100644
+index 72101afc7b..9f896584d1 100644
--- a/cpan/CPAN/lib/CPAN/Distribution.pm
+++ b/cpan/CPAN/lib/CPAN/Distribution.pm
@@ -4149,7 +4149,7 @@ sub _display_url {
diff --git a/debian/patches/debian/gdbm-fatal.diff b/debian/patches/debian/gdbm-fatal.diff
index a863e3804b..4414e4c1dd 100644
--- a/debian/patches/debian/gdbm-fatal.diff
+++ b/debian/patches/debian/gdbm-fatal.diff
@@ -11,7 +11,7 @@ Patch-Name: debian/gdbm-fatal.diff
1 file changed, 3 insertions(+)
diff --git a/ext/GDBM_File/t/fatal.t b/ext/GDBM_File/t/fatal.t
-index 0e426d4db..3df6878f8 100644
+index 0e426d4dbc..3df6878f8c 100644
--- a/ext/GDBM_File/t/fatal.t
+++ b/ext/GDBM_File/t/fatal.t
@@ -12,6 +12,9 @@ BEGIN {
diff --git a/debian/patches/debian/hppa_op_optimize_workaround.diff b/debian/patches/debian/hppa_op_optimize_workaround.diff
index e4feb8da14..d8005d554d 100644
--- a/debian/patches/debian/hppa_op_optimize_workaround.diff
+++ b/debian/patches/debian/hppa_op_optimize_workaround.diff
@@ -16,7 +16,7 @@ Patch-Name: debian/hppa_op_optimize_workaround.diff
1 file changed, 6 insertions(+)
diff --git a/cflags.SH b/cflags.SH
-index e60742fed..3e4526ff8 100755
+index e60742fed1..3e4526ff8f 100755
--- a/cflags.SH
+++ b/cflags.SH
@@ -497,6 +497,12 @@ for file do
diff --git a/debian/patches/debian/hppa_opmini_optimize_workaround.diff b/debian/patches/debian/hppa_opmini_optimize_workaround.diff
index b68efca5da..562affe006 100644
--- a/debian/patches/debian/hppa_opmini_optimize_workaround.diff
+++ b/debian/patches/debian/hppa_opmini_optimize_workaround.diff
@@ -14,7 +14,7 @@ Patch-Name: debian/hppa_opmini_optimize_workaround.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cflags.SH b/cflags.SH
-index 3e4526ff8..c8231e64e 100755
+index 3e4526ff8f..c8231e64e8 100755
--- a/cflags.SH
+++ b/cflags.SH
@@ -497,7 +497,7 @@ for file do
diff --git a/debian/patches/debian/hurd-softupdates.diff b/debian/patches/debian/hurd-softupdates.diff
index 0542c027f9..e36dbd8ce4 100644
--- a/debian/patches/debian/hurd-softupdates.diff
+++ b/debian/patches/debian/hurd-softupdates.diff
@@ -13,7 +13,7 @@ Patch-Name: debian/hurd-softupdates.diff
1 file changed, 1 insertion(+)
diff --git a/t/op/stat.t b/t/op/stat.t
-index 8dcb3d3fd..aa16fe739 100644
+index 8dcb3d3fd5..aa16fe7399 100644
--- a/t/op/stat.t
+++ b/t/op/stat.t
@@ -100,6 +100,7 @@ print FOO "Now is the time for all good men to come to.\n";
diff --git a/debian/patches/debian/installman-utf8.diff b/debian/patches/debian/installman-utf8.diff
index 7e87a5e823..89994c021b 100644
--- a/debian/patches/debian/installman-utf8.diff
+++ b/debian/patches/debian/installman-utf8.diff
@@ -15,7 +15,7 @@ Patch-Name: debian/installman-utf8.diff
1 file changed, 1 insertion(+)
diff --git a/installman b/installman
-index 0154be4d6..fff0ff04a 100755
+index 0154be4d68..fff0ff04a7 100755
--- a/installman
+++ b/installman
@@ -161,6 +161,7 @@ sub pod2man {
diff --git a/debian/patches/debian/instmodsh_doc.diff b/debian/patches/debian/instmodsh_doc.diff
index 5d083cd6e3..b21b35fc55 100644
--- a/debian/patches/debian/instmodsh_doc.diff
+++ b/debian/patches/debian/instmodsh_doc.diff
@@ -9,7 +9,7 @@ Patch-Name: debian/instmodsh_doc.diff
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/cpan/ExtUtils-MakeMaker/bin/instmodsh b/cpan/ExtUtils-MakeMaker/bin/instmodsh
-index ab0f9d1ff..b3b109f47 100644
+index ab0f9d1ffe..b3b109f475 100644
--- a/cpan/ExtUtils-MakeMaker/bin/instmodsh
+++ b/cpan/ExtUtils-MakeMaker/bin/instmodsh
@@ -19,9 +19,11 @@ instmodsh - A shell to examine installed modules
diff --git a/debian/patches/debian/kfreebsd-softupdates.diff b/debian/patches/debian/kfreebsd-softupdates.diff
index 1aa61d2731..dcc7833a13 100644
--- a/debian/patches/debian/kfreebsd-softupdates.diff
+++ b/debian/patches/debian/kfreebsd-softupdates.diff
@@ -16,7 +16,7 @@ Patch-Name: debian/kfreebsd-softupdates.diff
1 file changed, 1 insertion(+)
diff --git a/t/op/stat.t b/t/op/stat.t
-index 905eb85fd..8dcb3d3fd 100644
+index 905eb85fd4..8dcb3d3fd5 100644
--- a/t/op/stat.t
+++ b/t/op/stat.t
@@ -99,6 +99,7 @@ sleep 3 if $funky_FAT_timestamps;
diff --git a/debian/patches/debian/ld_run_path.diff b/debian/patches/debian/ld_run_path.diff
index 8870750b89..ee1933d336 100644
--- a/debian/patches/debian/ld_run_path.diff
+++ b/debian/patches/debian/ld_run_path.diff
@@ -9,7 +9,7 @@ Patch-Name: debian/ld_run_path.diff
1 file changed, 2 insertions(+)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm
-index a6da85586..fb849b21c 100644
+index a6da855862..fb849b21ca 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm
@@ -62,6 +62,8 @@ sub _unix_os2_ext {
diff --git a/debian/patches/debian/libnet_config_path.diff b/debian/patches/debian/libnet_config_path.diff
index 88fdafdd72..98d229f73d 100644
--- a/debian/patches/debian/libnet_config_path.diff
+++ b/debian/patches/debian/libnet_config_path.diff
@@ -10,7 +10,7 @@ Patch-Name: debian/libnet_config_path.diff
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/cpan/libnet/lib/Net/Config.pm b/cpan/libnet/lib/Net/Config.pm
-index 4f822a40a..4b3978113 100644
+index 4f822a40a4..4b39781134 100644
--- a/cpan/libnet/lib/Net/Config.pm
+++ b/cpan/libnet/lib/Net/Config.pm
@@ -72,9 +72,8 @@ my %nc = (
diff --git a/debian/patches/debian/libperl_embed_doc.diff b/debian/patches/debian/libperl_embed_doc.diff
index 826579a666..c87b68e32b 100644
--- a/debian/patches/debian/libperl_embed_doc.diff
+++ b/debian/patches/debian/libperl_embed_doc.diff
@@ -11,7 +11,7 @@ Patch-Name: debian/libperl_embed_doc.diff
1 file changed, 3 insertions(+)
diff --git a/lib/ExtUtils/Embed.pm b/lib/ExtUtils/Embed.pm
-index e75e41f8c..985c35345 100644
+index e75e41f8c4..985c353457 100644
--- a/lib/ExtUtils/Embed.pm
+++ b/lib/ExtUtils/Embed.pm
@@ -293,6 +293,9 @@ and extensions in your C/C++ applications.
diff --git a/debian/patches/debian/makemaker-manext.diff b/debian/patches/debian/makemaker-manext.diff
index 6615efda87..ae785e500a 100644
--- a/debian/patches/debian/makemaker-manext.diff
+++ b/debian/patches/debian/makemaker-manext.diff
@@ -15,7 +15,7 @@ Bug-Debian: https://bugs.debian.org/247370
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm
-index 1a3893c30..8bb0ef2ee 100644
+index 1a3893c30b..8bb0ef2ee9 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm
@@ -1090,8 +1090,8 @@ END
diff --git a/debian/patches/debian/makemaker-pasthru.diff b/debian/patches/debian/makemaker-pasthru.diff
index 92bcf854a1..78e1451b04 100644
--- a/debian/patches/debian/makemaker-pasthru.diff
+++ b/debian/patches/debian/makemaker-pasthru.diff
@@ -16,7 +16,7 @@ Patch-Name: debian/makemaker-pasthru.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index 4977baa15..bb41b274b 100644
+index 4977baa15d..bb41b274b3 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -2955,7 +2955,7 @@ sub pasthru {
diff --git a/debian/patches/debian/mod_paths.diff b/debian/patches/debian/mod_paths.diff
index 5628e7d09e..4f297fbc3e 100644
--- a/debian/patches/debian/mod_paths.diff
+++ b/debian/patches/debian/mod_paths.diff
@@ -24,7 +24,7 @@ Patch-Name: debian/mod_paths.diff
1 file changed, 58 insertions(+)
diff --git a/perl.c b/perl.c
-index e6dfa8dc0..c7828e69c 100644
+index e6dfa8dc05..c7828e69ce 100644
--- a/perl.c
+++ b/perl.c
@@ -4674,6 +4674,10 @@ S_init_perllib(pTHX)
diff --git a/debian/patches/debian/no_packlist_perllocal.diff b/debian/patches/debian/no_packlist_perllocal.diff
index 7097e32e38..aac3ccd2fe 100644
--- a/debian/patches/debian/no_packlist_perllocal.diff
+++ b/debian/patches/debian/no_packlist_perllocal.diff
@@ -9,7 +9,7 @@ Patch-Name: debian/no_packlist_perllocal.diff
1 file changed, 3 insertions(+), 32 deletions(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index 780e390cd..4977baa15 100644
+index 780e390cd9..4977baa15d 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -2232,11 +2232,6 @@ pure_perl_install :: all
diff --git a/debian/patches/debian/patchlevel.diff b/debian/patches/debian/patchlevel.diff
index e980292d26..9fd86fca45 100644
--- a/debian/patches/debian/patchlevel.diff
+++ b/debian/patches/debian/patchlevel.diff
@@ -15,7 +15,7 @@ Patch-Name: debian/patchlevel.diff
1 file changed, 3 insertions(+)
diff --git a/patchlevel.h b/patchlevel.h
-index a5ca94bcc..d126b0df1 100644
+index a5ca94bcc0..d126b0df1f 100644
--- a/patchlevel.h
+++ b/patchlevel.h
@@ -137,6 +137,9 @@ static const char * const local_patches[] = {
diff --git a/debian/patches/debian/perl5db-x-terminal-emulator.patch b/debian/patches/debian/perl5db-x-terminal-emulator.patch
index b55b991d7c..bf46cea1a1 100644
--- a/debian/patches/debian/perl5db-x-terminal-emulator.patch
+++ b/debian/patches/debian/perl5db-x-terminal-emulator.patch
@@ -15,7 +15,7 @@ Patch-Name: debian/perl5db-x-terminal-emulator.patch
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/perl5db.pl b/lib/perl5db.pl
-index ecc49a814..6eb03d7c1 100644
+index ecc49a814d..6eb03d7c11 100644
--- a/lib/perl5db.pl
+++ b/lib/perl5db.pl
@@ -6987,7 +6987,7 @@ properly set up.
diff --git a/debian/patches/debian/perlbug-editor.diff b/debian/patches/debian/perlbug-editor.diff
index bbb5b33cbe..a566ab6b8e 100644
--- a/debian/patches/debian/perlbug-editor.diff
+++ b/debian/patches/debian/perlbug-editor.diff
@@ -10,7 +10,7 @@ Patch-Name: debian/perlbug-editor.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/utils/perlbug.PL b/utils/perlbug.PL
-index d1eb1e04a..4555d0449 100644
+index d1eb1e04a8..4555d04494 100644
--- a/utils/perlbug.PL
+++ b/utils/perlbug.PL
@@ -272,7 +272,7 @@ sub Init {
diff --git a/debian/patches/debian/perldoc-pager.diff b/debian/patches/debian/perldoc-pager.diff
index 9b14d38d0d..97231557a3 100644
--- a/debian/patches/debian/perldoc-pager.diff
+++ b/debian/patches/debian/perldoc-pager.diff
@@ -14,7 +14,7 @@ Patch-Name: debian/perldoc-pager.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpan/Pod-Perldoc/lib/Pod/Perldoc/ToTerm.pm b/cpan/Pod-Perldoc/lib/Pod/Perldoc/ToTerm.pm
-index 9501d6310..a5aedf630 100644
+index 9501d6310e..a5aedf6302 100644
--- a/cpan/Pod-Perldoc/lib/Pod/Perldoc/ToTerm.pm
+++ b/cpan/Pod-Perldoc/lib/Pod/Perldoc/ToTerm.pm
@@ -32,7 +32,7 @@ sub pager_configuration {
diff --git a/debian/patches/debian/perlivp.diff b/debian/patches/debian/perlivp.diff
index 7797295c1f..4c85cad8fa 100644
--- a/debian/patches/debian/perlivp.diff
+++ b/debian/patches/debian/perlivp.diff
@@ -26,7 +26,7 @@ Patch-Name: debian/perlivp.diff
1 file changed, 1 insertion(+)
diff --git a/utils/perlivp.PL b/utils/perlivp.PL
-index 50d187a54..bd8091c54 100644
+index 50d187a544..bd8091c548 100644
--- a/utils/perlivp.PL
+++ b/utils/perlivp.PL
@@ -155,6 +155,7 @@ my $INC_total = 0;
diff --git a/debian/patches/debian/prune_libs.diff b/debian/patches/debian/prune_libs.diff
index 053ac6dce7..696a18c472 100644
--- a/debian/patches/debian/prune_libs.diff
+++ b/debian/patches/debian/prune_libs.diff
@@ -17,7 +17,7 @@ Patch-Name: debian/prune_libs.diff
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/regen-configure/U/modified/Myinit.U b/regen-configure/U/modified/Myinit.U
-index 0e3155aec..e1d58c207 100644
+index 0e3155aecd..e1d58c2077 100644
--- a/regen-configure/U/modified/Myinit.U
+++ b/regen-configure/U/modified/Myinit.U
@@ -32,8 +32,7 @@
@@ -31,7 +31,7 @@ index 0e3155aec..e1d58c207 100644
: This is only used by the lib/ExtUtils/MakeMaker.pm routine extliblist.
glibpth=`echo " $glibpth " | sed -e 's! /usr/shlib ! !'`
diff --git a/regen-configure/U/perl/End.U b/regen-configure/U/perl/End.U
-index 352071422..9716623ae 100644
+index 352071422f..9716623ae0 100644
--- a/regen-configure/U/perl/End.U
+++ b/regen-configure/U/perl/End.U
@@ -37,7 +37,7 @@ sunos*X4*)
diff --git a/debian/patches/debian/sh4_op_optimize_workaround.diff b/debian/patches/debian/sh4_op_optimize_workaround.diff
index 3dee288c34..4ec2b01ef5 100644
--- a/debian/patches/debian/sh4_op_optimize_workaround.diff
+++ b/debian/patches/debian/sh4_op_optimize_workaround.diff
@@ -14,7 +14,7 @@ Patch-Name: debian/sh4_op_optimize_workaround.diff
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cflags.SH b/cflags.SH
-index c8231e64e..3bb0c3e93 100755
+index c8231e64e8..3bb0c3e937 100755
--- a/cflags.SH
+++ b/cflags.SH
@@ -497,9 +497,9 @@ for file do
diff --git a/debian/patches/debian/squelch-locale-warnings.diff b/debian/patches/debian/squelch-locale-warnings.diff
index 676395e0f8..7026a5f841 100644
--- a/debian/patches/debian/squelch-locale-warnings.diff
+++ b/debian/patches/debian/squelch-locale-warnings.diff
@@ -20,7 +20,7 @@ Patch-Name: debian/squelch-locale-warnings.diff
2 files changed, 11 insertions(+)
diff --git a/locale.c b/locale.c
-index 765334047..aedd7da0c 100644
+index 7653340477..aedd7da0c5 100644
--- a/locale.c
+++ b/locale.c
@@ -3142,6 +3142,9 @@ Perl_init_i18nl10n(pTHX_ int printwarn)
@@ -34,7 +34,7 @@ index 765334047..aedd7da0c 100644
|| (
/* disallow with "" or "0" */
diff --git a/pod/perllocale.pod b/pod/perllocale.pod
-index a32f72c88..e12b81cc4 100644
+index a32f72c88e..e12b81cc4c 100644
--- a/pod/perllocale.pod
+++ b/pod/perllocale.pod
@@ -1293,6 +1293,14 @@ B<NOTE>: C<PERL_BADLANG> only gives you a way to hide the warning message.
diff --git a/debian/patches/debian/writable_site_dirs.diff b/debian/patches/debian/writable_site_dirs.diff
index 285bbeb661..e1b1fcdb15 100644
--- a/debian/patches/debian/writable_site_dirs.diff
+++ b/debian/patches/debian/writable_site_dirs.diff
@@ -11,7 +11,7 @@ Patch-Name: debian/writable_site_dirs.diff
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index 274e35c6f..dbb8651a9 100644
+index 274e35c6fc..dbb8651a9f 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -2249,7 +2249,7 @@ q{ "$(INST_LIB)" "$(DESTINSTALLPRIVLIB)" \
diff --git a/debian/patches/fixes/CVE-2020-10543.diff b/debian/patches/fixes/CVE-2020-10543.diff
new file mode 100644
index 0000000000..33a7fc20be
--- /dev/null
+++ b/debian/patches/fixes/CVE-2020-10543.diff
@@ -0,0 +1,32 @@
+From 3c031d58f421e54cc56bfd023073f08537335de4 Mon Sep 17 00:00:00 2001
+From: John Lightsey <jd@cpanel.net>
+Date: Wed, 20 Nov 2019 20:02:45 -0600
+Subject: regcomp.c: Prevent integer overflow from nested regex quantifiers.
+
+(CVE-2020-10543) On 32bit systems the size calculations for nested regular
+expression quantifiers could overflow causing heap memory corruption.
+
+Bug-Debian: https://bugs.debian.org/962005
+Origin: upstream
+Patch-Name: fixes/CVE-2020-10543.diff
+---
+ regcomp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/regcomp.c b/regcomp.c
+index e1da15a77c..dd18add1db 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -5181,6 +5181,12 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ (void)ReREFCNT_inc(RExC_rx_sv);
+ }
+
++ if ( ( minnext > 0 && mincount >= SSize_t_MAX / minnext )
++ || min >= SSize_t_MAX - minnext * mincount )
++ {
++ FAIL("Regexp out of space");
++ }
++
+ min += minnext * mincount;
+ is_inf_internal |= deltanext == SSize_t_MAX
+ || (maxcount == REG_INFTY && minnext + deltanext > 0);
diff --git a/debian/patches/fixes/CVE-2020-10878.diff b/debian/patches/fixes/CVE-2020-10878.diff
new file mode 100644
index 0000000000..3ebc4ad609
--- /dev/null
+++ b/debian/patches/fixes/CVE-2020-10878.diff
@@ -0,0 +1,150 @@
+From c9023d134e4800e43e8bcb83266aa0380321a05c Mon Sep 17 00:00:00 2001
+From: Hugo van der Sanden <hv@crypt.org>
+Date: Tue, 18 Feb 2020 13:51:16 +0000
+Subject: study_chunk: extract rck_elide_nothing
+
+(CVE-2020-10878)
+
+Bug-Debian: https://bugs.debian.org/962005
+Origin: upstream
+Patch-Name: fixes/CVE-2020-10878.diff
+---
+ embed.fnc | 1 +
+ embed.h | 1 +
+ proto.h | 3 +++
+ regcomp.c | 70 ++++++++++++++++++++++++++++++++++---------------------
+ 4 files changed, 48 insertions(+), 27 deletions(-)
+
+diff --git a/embed.fnc b/embed.fnc
+index e762fe1eec..cf89277163 100644
+--- a/embed.fnc
++++ b/embed.fnc
+@@ -2477,6 +2477,7 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \
+ |I32 stopparen|U32 recursed_depth \
+ |NULLOK regnode_ssc *and_withp \
+ |U32 flags|U32 depth
++Es |void |rck_elide_nothing|NN regnode *node
+ EsR |SV * |get_ANYOFM_contents|NN const regnode * n
+ EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \
+ |NN const char* const s|const U32 n
+diff --git a/embed.h b/embed.h
+index a5416a1148..886551ce5c 100644
+--- a/embed.h
++++ b/embed.h
+@@ -1202,6 +1202,7 @@
+ #define output_or_return_posix_warnings(a,b,c) S_output_or_return_posix_warnings(aTHX_ a,b,c)
+ #define parse_lparen_question_flags(a) S_parse_lparen_question_flags(aTHX_ a)
+ #define populate_ANYOF_from_invlist(a,b) S_populate_ANYOF_from_invlist(aTHX_ a,b)
++#define rck_elide_nothing(a) S_rck_elide_nothing(aTHX_ a)
+ #define reg(a,b,c,d) S_reg(aTHX_ a,b,c,d)
+ #define reg2Lanode(a,b,c,d) S_reg2Lanode(aTHX_ a,b,c,d)
+ #define reg_node(a,b) S_reg_node(aTHX_ a,b)
+diff --git a/proto.h b/proto.h
+index 66bb29b132..d3f8802c1d 100644
+--- a/proto.h
++++ b/proto.h
+@@ -5485,6 +5485,9 @@ STATIC void S_parse_lparen_question_flags(pTHX_ RExC_state_t *pRExC_state);
+ STATIC void S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr);
+ #define PERL_ARGS_ASSERT_POPULATE_ANYOF_FROM_INVLIST \
+ assert(node); assert(invlist_ptr)
++STATIC void S_rck_elide_nothing(pTHX_ regnode *node);
++#define PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING \
++ assert(node)
+ PERL_STATIC_NO_RET void S_re_croak2(pTHX_ bool utf8, const char* pat1, const char* pat2, ...)
+ __attribute__noreturn__;
+ #define PERL_ARGS_ASSERT_RE_CROAK2 \
+diff --git a/regcomp.c b/regcomp.c
+index dd18add1db..0a9c6a8085 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -4178,6 +4178,44 @@ S_unwind_scan_frames(pTHX_ const void *p)
+ } while (f);
+ }
+
++/* Follow the next-chain of the current node and optimize away
++ all the NOTHINGs from it.
++ */
++STATIC void
++S_rck_elide_nothing(pTHX_ regnode *node)
++{
++ dVAR;
++
++ PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING;
++
++ if (OP(node) != CURLYX) {
++ const int max = (reg_off_by_arg[OP(node)]
++ ? I32_MAX
++ /* I32 may be smaller than U16 on CRAYs! */
++ : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
++ int off = (reg_off_by_arg[OP(node)] ? ARG(node) : NEXT_OFF(node));
++ int noff;
++ regnode *n = node;
++
++ /* Skip NOTHING and LONGJMP. */
++ while (
++ (n = regnext(n))
++ && (
++ (PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
++ || ((OP(n) == LONGJMP) && (noff = ARG(n)))
++ )
++ && off + noff < max
++ ) {
++ off += noff;
++ }
++ if (reg_off_by_arg[OP(node)])
++ ARG(node) = off;
++ else
++ NEXT_OFF(node) = off;
++ }
++ return;
++}
++
+ /* the return from this sub is the minimum length that could possibly match */
+ STATIC SSize_t
+ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+@@ -4277,28 +4315,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ */
+ JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+
+- /* Follow the next-chain of the current node and optimize
+- away all the NOTHINGs from it. */
+- if (OP(scan) != CURLYX) {
+- const int max = (reg_off_by_arg[OP(scan)]
+- ? I32_MAX
+- /* I32 may be smaller than U16 on CRAYs! */
+- : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
+- int off = (reg_off_by_arg[OP(scan)] ? ARG(scan) : NEXT_OFF(scan));
+- int noff;
+- regnode *n = scan;
+-
+- /* Skip NOTHING and LONGJMP. */
+- while ((n = regnext(n))
+- && ((PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
+- || ((OP(n) == LONGJMP) && (noff = ARG(n))))
+- && off + noff < max)
+- off += noff;
+- if (reg_off_by_arg[OP(scan)])
+- ARG(scan) = off;
+- else
+- NEXT_OFF(scan) = off;
+- }
++ /* Follow the next-chain of the current node and optimize
++ away all the NOTHINGs from it.
++ */
++ rck_elide_nothing(scan);
+
+ /* The principal pseudo-switch. Cannot be a switch, since we
+ look into several different things. */
+@@ -5425,11 +5445,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ if (data && (fl & SF_HAS_EVAL))
+ data->flags |= SF_HAS_EVAL;
+ optimize_curly_tail:
+- if (OP(oscan) != CURLYX) {
+- while (PL_regkind[OP(next = regnext(oscan))] == NOTHING
+- && NEXT_OFF(next))
+- NEXT_OFF(oscan) += NEXT_OFF(next);
+- }
++ rck_elide_nothing(oscan);
+ continue;
+
+ default:
diff --git a/debian/patches/fixes/CVE-2020-12723.diff b/debian/patches/fixes/CVE-2020-12723.diff
new file mode 100644
index 0000000000..ba9fd1ae4c
--- /dev/null
+++ b/debian/patches/fixes/CVE-2020-12723.diff
@@ -0,0 +1,279 @@
+From 20c1e2be75af0e9f8c13d224110a99d4c591999f Mon Sep 17 00:00:00 2001
+From: Hugo van der Sanden <hv@crypt.org>
+Date: Sat, 11 Apr 2020 14:10:24 +0100
+Subject: study_chunk: avoid mutating regexp program within GOSUB
+
+gh16947 and gh17743: studying GOSUB may restudy in an inner call
+(via a mix of recursion and enframing) something that an outer call
+is in the middle of looking at. Let the outer frame deal with it.
+
+(CVE-2020-12723)
+
+Bug-Debian: https://bugs.debian.org/962005
+Origin: upstream
+Patch-Name: fixes/CVE-2020-12723.diff
+---
+ embed.fnc | 2 +-
+ embed.h | 2 +-
+ proto.h | 2 +-
+ regcomp.c | 48 ++++++++++++++++++++++++++++++++----------------
+ t/re/pat.t | 26 +++++++++++++++++++++++++-
+ 5 files changed, 60 insertions(+), 20 deletions(-)
+
+diff --git a/embed.fnc b/embed.fnc
+index cf89277163..4b1ba28277 100644
+--- a/embed.fnc
++++ b/embed.fnc
+@@ -2476,7 +2476,7 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \
+ |NULLOK struct scan_data_t *data \
+ |I32 stopparen|U32 recursed_depth \
+ |NULLOK regnode_ssc *and_withp \
+- |U32 flags|U32 depth
++ |U32 flags|U32 depth|bool was_mutate_ok
+ Es |void |rck_elide_nothing|NN regnode *node
+ EsR |SV * |get_ANYOFM_contents|NN const regnode * n
+ EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \
+diff --git a/embed.h b/embed.h
+index 886551ce5c..50fcabc140 100644
+--- a/embed.h
++++ b/embed.h
+@@ -1232,7 +1232,7 @@
+ #define ssc_is_cp_posixl_init S_ssc_is_cp_posixl_init
+ #define ssc_or(a,b,c) S_ssc_or(aTHX_ a,b,c)
+ #define ssc_union(a,b,c) S_ssc_union(aTHX_ a,b,c)
+-#define study_chunk(a,b,c,d,e,f,g,h,i,j,k) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k)
++#define study_chunk(a,b,c,d,e,f,g,h,i,j,k,l) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k,l)
+ # endif
+ # if defined(PERL_IN_REGCOMP_C) || defined (PERL_IN_DUMP_C)
+ #define _invlist_dump(a,b,c,d) Perl__invlist_dump(aTHX_ a,b,c,d)
+diff --git a/proto.h b/proto.h
+index d3f8802c1d..e276f69bd1 100644
+--- a/proto.h
++++ b/proto.h
+@@ -5596,7 +5596,7 @@ PERL_STATIC_INLINE void S_ssc_union(pTHX_ regnode_ssc *ssc, SV* const invlist, c
+ #define PERL_ARGS_ASSERT_SSC_UNION \
+ assert(ssc); assert(invlist)
+ #endif
+-STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth);
++STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth, bool was_mutate_ok);
+ #define PERL_ARGS_ASSERT_STUDY_CHUNK \
+ assert(pRExC_state); assert(scanp); assert(minlenp); assert(deltap); assert(last)
+ #endif
+diff --git a/regcomp.c b/regcomp.c
+index 0a9c6a8085..e66032a16a 100644
+--- a/regcomp.c
++++ b/regcomp.c
+@@ -110,6 +110,7 @@ typedef struct scan_frame {
+ regnode *next_regnode; /* next node to process when last is reached */
+ U32 prev_recursed_depth;
+ I32 stopparen; /* what stopparen do we use */
++ bool in_gosub; /* this or an outer frame is for GOSUB */
+
+ struct scan_frame *this_prev_frame; /* this previous frame */
+ struct scan_frame *prev_frame; /* previous frame */
+@@ -4225,7 +4226,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ I32 stopparen,
+ U32 recursed_depth,
+ regnode_ssc *and_withp,
+- U32 flags, U32 depth)
++ U32 flags, U32 depth, bool was_mutate_ok)
+ /* scanp: Start here (read-write). */
+ /* deltap: Write maxlen-minlen here. */
+ /* last: Stop before this one. */
+@@ -4303,6 +4304,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ node length to get a real minimum (because
+ the folded version may be shorter) */
+ bool unfolded_multi_char = FALSE;
++ /* avoid mutating ops if we are anywhere within the recursed or
++ * enframed handling for a GOSUB: the outermost level will handle it.
++ */
++ bool mutate_ok = was_mutate_ok && !(frame && frame->in_gosub);
+ /* Peephole optimizer: */
+ DEBUG_STUDYDATA("Peep", data, depth, is_inf);
+ DEBUG_PEEP("Peep", scan, depth, flags);
+@@ -4313,7 +4318,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ * parsing code, as each (?:..) is handled by a different invocation of
+ * reg() -- Yves
+ */
+- JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
++ if (mutate_ok)
++ JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+
+ /* Follow the next-chain of the current node and optimize
+ away all the NOTHINGs from it.
+@@ -4345,7 +4351,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* DEFINEP study_chunk() recursion */
+ (void)study_chunk(pRExC_state, &scan, &minlen,
+ &deltanext, next, &data_fake, stopparen,
+- recursed_depth, NULL, f, depth+1);
++ recursed_depth, NULL, f, depth+1, mutate_ok);
+
+ scan = next;
+ } else
+@@ -4413,7 +4419,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* recurse study_chunk() for each BRANCH in an alternation */
+ minnext = study_chunk(pRExC_state, &scan, minlenp,
+ &deltanext, next, &data_fake, stopparen,
+- recursed_depth, NULL, f,depth+1);
++ recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+
+ if (min1 > minnext)
+ min1 = minnext;
+@@ -4480,9 +4487,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ }
+ }
+
+- if (PERL_ENABLE_TRIE_OPTIMISATION &&
+- OP( startbranch ) == BRANCH )
+- {
++ if (PERL_ENABLE_TRIE_OPTIMISATION
++ && OP(startbranch) == BRANCH
++ && mutate_ok
++ ) {
+ /* demq.
+
+ Assuming this was/is a branch we are dealing with: 'scan'
+@@ -4933,6 +4941,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ newframe->stopparen = stopparen;
+ newframe->prev_recursed_depth = recursed_depth;
+ newframe->this_prev_frame= frame;
++ newframe->in_gosub = (
++ (frame && frame->in_gosub) || OP(scan) == GOSUB
++ );
+
+ DEBUG_STUDYDATA("frame-new", data, depth, is_inf);
+ DEBUG_PEEP("fnew", scan, depth, flags);
+@@ -5153,7 +5164,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ (mincount == 0
+ ? (f & ~SCF_DO_SUBSTR)
+ : f)
+- ,depth+1);
++ , depth+1, mutate_ok);
+
+ if (flags & SCF_DO_STCLASS)
+ data->start_class = oclass;
+@@ -5221,7 +5232,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ if ( OP(oscan) == CURLYX && data
+ && data->flags & SF_IN_PAR
+ && !(data->flags & SF_HAS_EVAL)
+- && !deltanext && minnext == 1 ) {
++ && !deltanext && minnext == 1
++ && mutate_ok
++ ) {
+ /* Try to optimize to CURLYN. */
+ regnode *nxt = NEXTOPER(oscan) + EXTRA_STEP_2ARGS;
+ regnode * const nxt1 = nxt;
+@@ -5267,10 +5280,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ && !(data->flags & SF_HAS_EVAL)
+ && !deltanext /* atom is fixed width */
+ && minnext != 0 /* CURLYM can't handle zero width */
+-
+ /* Nor characters whose fold at run-time may be
+ * multi-character */
+ && ! (RExC_seen & REG_UNFOLDED_MULTI_SEEN)
++ && mutate_ok
+ ) {
+ /* XXXX How to optimize if data == 0? */
+ /* Optimize to a simpler form. */
+@@ -5318,7 +5331,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+ /* Optimize again: */
+ /* recurse study_chunk() on optimised CURLYX => CURLYM */
+ study_chunk(pRExC_state, &nxt1, minlenp, &deltanext, nxt,
+- NULL, stopparen, recursed_depth, NULL, 0,depth+1);
++ NULL, stopparen, recursed_depth, NULL, 0,
++ depth+1, mutate_ok);
+ }
+ else
+ oscan->flags = 0;
+@@ -5735,7 +5749,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ /* recurse study_chunk() for lookahead body */
+ minnext = study_chunk(pRExC_state, &nscan, minlenp, &deltanext,
+ last, &data_fake, stopparen,
+- recursed_depth, NULL, f, depth+1);
++ recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+ if (scan->flags) {
+ if (deltanext) {
+ FAIL("Variable length lookbehind not implemented");
+@@ -5827,7 +5842,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ *minnextp = study_chunk(pRExC_state, &nscan, minnextp,
+ &deltanext, last, &data_fake,
+ stopparen, recursed_depth, NULL,
+- f,depth+1);
++ f, depth+1, mutate_ok);
+ if (scan->flags) {
+ if (deltanext) {
+ FAIL("Variable length lookbehind not implemented");
+@@ -5988,7 +6003,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
+ /* optimise study_chunk() for TRIE */
+ minnext = study_chunk(pRExC_state, &scan, minlenp,
+ &deltanext, (regnode *)nextbranch, &data_fake,
+- stopparen, recursed_depth, NULL, f,depth+1);
++ stopparen, recursed_depth, NULL, f, depth+1,
++ mutate_ok);
+ }
+ if (nextbranch && PL_regkind[OP(nextbranch)]==BRANCH)
+ nextbranch= regnext((regnode*)nextbranch);
+@@ -7673,7 +7689,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ &data, -1, 0, NULL,
+ SCF_DO_SUBSTR | SCF_WHILEM_VISITED_POS | stclass_flag
+ | (restudied ? SCF_TRIE_DOING_RESTUDY : 0),
+- 0);
++ 0, TRUE);
+
+
+ CHECK_RESTUDY_GOTO_butfirst(LEAVE_with_name("study_chunk"));
+@@ -7802,7 +7818,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ SCF_DO_STCLASS_AND|SCF_WHILEM_VISITED_POS|(restudied
+ ? SCF_TRIE_DOING_RESTUDY
+ : 0),
+- 0);
++ 0, TRUE);
+
+ CHECK_RESTUDY_GOTO_butfirst(NOOP);
+
+diff --git a/t/re/pat.t b/t/re/pat.t
+index 1d98fe77d7..1488259b02 100644
+--- a/t/re/pat.t
++++ b/t/re/pat.t
+@@ -23,7 +23,7 @@ BEGIN {
+ skip_all('no re module') unless defined &DynaLoader::boot_DynaLoader;
+ skip_all_without_unicode_tables();
+
+-plan tests => 848; # Update this when adding/deleting tests.
++plan tests => 852; # Update this when adding/deleting tests.
+
+ run_tests() unless caller;
+
+@@ -1948,6 +1948,30 @@ EOP
+ fresh_perl_is('m m0*0+\Rm', "",{},"Undefined behavior in address sanitizer");
+ }
+
++ # gh16947: test regexp corruption (GOSUB)
++ {
++ fresh_perl_is(q{
++ 'xy' =~ /x(?0)|x(?|y|y)/ && print 'ok'
++ }, 'ok', {}, 'gh16947: test regexp corruption (GOSUB)');
++ }
++ # gh16947: test fix doesn't break SUSPEND
++ {
++ fresh_perl_is(q{ 'sx' =~ m{ss++}i; print 'ok' },
++ 'ok', {}, "gh16947: test fix doesn't break SUSPEND");
++ }
++
++ # gh17743: more regexp corruption via GOSUB
++ {
++ fresh_perl_is(q{
++ "0" =~ /((0(?0)|000(?|0000|0000)(?0))|)/; print "ok"
++ }, 'ok', {}, 'gh17743: test regexp corruption (1)');
++
++ fresh_perl_is(q{
++ "000000000000" =~ /(0(())(0((?0)())|000(?|\x{ef}\x{bf}\x{bd}|\x{ef}\x{bf}\x{bd}))|)/;
++ print "ok"
++ }, 'ok', {}, 'gh17743: test regexp corruption (2)');
++ }
++
+ } # End of sub run_tests
+
+ 1;
diff --git a/debian/patches/fixes/autodie-scope.diff b/debian/patches/fixes/autodie-scope.diff
index a9ce874a67..3b3c931b21 100644
--- a/debian/patches/fixes/autodie-scope.diff
+++ b/debian/patches/fixes/autodie-scope.diff
@@ -23,7 +23,7 @@ Patch-Name: fixes/autodie-scope.diff
create mode 100755 cpan/autodie/t/no-default.t
diff --git a/cpan/autodie/lib/Fatal.pm b/cpan/autodie/lib/Fatal.pm
-index 16e174347..2058abdab 100644
+index 16e1743474..2058abdab0 100644
--- a/cpan/autodie/lib/Fatal.pm
+++ b/cpan/autodie/lib/Fatal.pm
@@ -580,7 +580,12 @@ sub unimport {
@@ -42,7 +42,7 @@ index 16e174347..2058abdab 100644
}
diff --git a/cpan/autodie/t/no-all.t b/cpan/autodie/t/no-all.t
new file mode 100755
-index 000000000..1a503f68b
+index 0000000000..1a503f68be
--- /dev/null
+++ b/cpan/autodie/t/no-all.t
@@ -0,0 +1,22 @@
@@ -70,7 +70,7 @@ index 000000000..1a503f68b
+1;
diff --git a/cpan/autodie/t/no-default.t b/cpan/autodie/t/no-default.t
new file mode 100755
-index 000000000..44d2acf27
+index 0000000000..44d2acf27a
--- /dev/null
+++ b/cpan/autodie/t/no-default.t
@@ -0,0 +1,23 @@
diff --git a/debian/patches/fixes/caretx-fallback.diff b/debian/patches/fixes/caretx-fallback.diff
index e88d86c93c..60bad8b59d 100644
--- a/debian/patches/fixes/caretx-fallback.diff
+++ b/debian/patches/fixes/caretx-fallback.diff
@@ -12,7 +12,7 @@ Patch-Name: fixes/caretx-fallback.diff
1 file changed, 16 insertions(+), 12 deletions(-)
diff --git a/caretx.c b/caretx.c
-index d758f730d..247708de8 100644
+index d758f730de..247708de8c 100644
--- a/caretx.c
+++ b/caretx.c
@@ -56,7 +56,19 @@ Perl_set_caret_X(pTHX) {
diff --git a/debian/patches/fixes/cpan_web_link.diff b/debian/patches/fixes/cpan_web_link.diff
index 0aa99086b6..bf1874c393 100644
--- a/debian/patches/fixes/cpan_web_link.diff
+++ b/debian/patches/fixes/cpan_web_link.diff
@@ -11,7 +11,7 @@ Patch-Name: fixes/cpan_web_link.diff
1 file changed, 3 insertions(+)
diff --git a/cpan/CPAN/lib/CPAN.pm b/cpan/CPAN/lib/CPAN.pm
-index 1f69119e5..c472effe1 100644
+index 1f69119e5f..c472effe18 100644
--- a/cpan/CPAN/lib/CPAN.pm
+++ b/cpan/CPAN/lib/CPAN.pm
@@ -3990,6 +3990,9 @@ your operating system) then typing C<cpan> in a console window will
diff --git a/debian/patches/fixes/document_makemaker_ccflags.diff b/debian/patches/fixes/document_makemaker_ccflags.diff
index 5b8009f6fc..e2f86001b6 100644
--- a/debian/patches/fixes/document_makemaker_ccflags.diff
+++ b/debian/patches/fixes/document_makemaker_ccflags.diff
@@ -15,7 +15,7 @@ Patch-Name: fixes/document_makemaker_ccflags.diff
1 file changed, 4 insertions(+)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
-index 90d9eac49..81bdc9664 100644
+index 90d9eac49c..81bdc96649 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm
@@ -1838,6 +1838,10 @@ currently used by MakeMaker but may be handy in Makefile.PLs.
diff --git a/debian/patches/fixes/errno-include-path.diff b/debian/patches/fixes/errno-include-path.diff
index be3c1945f4..bb5f58bf24 100644
--- a/debian/patches/fixes/errno-include-path.diff
+++ b/debian/patches/fixes/errno-include-path.diff
@@ -25,7 +25,7 @@ Origin: upstream, https://perl5.git.perl.org/perl.git/commit/6c5080f25fa3dcede39
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/ext/Errno/Errno_pm.PL b/ext/Errno/Errno_pm.PL
-index 6a0031f0f..9d1454c96 100644
+index 6a0031f0f7..9d1454c96a 100644
--- a/ext/Errno/Errno_pm.PL
+++ b/ext/Errno/Errno_pm.PL
@@ -2,7 +2,7 @@ use ExtUtils::MakeMaker;
diff --git a/debian/patches/fixes/eumm-usrmerge.diff b/debian/patches/fixes/eumm-usrmerge.diff
index e8281a05f1..98243d139f 100644
--- a/debian/patches/fixes/eumm-usrmerge.diff
+++ b/debian/patches/fixes/eumm-usrmerge.diff
@@ -21,7 +21,7 @@ Patch-Name: fixes/eumm-usrmerge.diff
3 files changed, 55 insertions(+), 3 deletions(-)
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index bb41b274b..2e33d0a8a 100644
+index bb41b274b3..2e33d0a8ae 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -1243,8 +1243,8 @@ sub _fixin_replace_shebang {
@@ -61,7 +61,7 @@ index bb41b274b..2e33d0a8a 100644
# Figure out how to invoke interpreter on this machine.
diff --git a/cpan/ExtUtils-MakeMaker/t/fixin.t b/cpan/ExtUtils-MakeMaker/t/fixin.t
-index 061e45624..872b023c5 100644
+index 061e456247..872b023c55 100644
--- a/cpan/ExtUtils-MakeMaker/t/fixin.t
+++ b/cpan/ExtUtils-MakeMaker/t/fixin.t
@@ -9,7 +9,7 @@ BEGIN {
@@ -109,7 +109,7 @@ index 061e45624..872b023c5 100644
+ );
+}
diff --git a/cpan/ExtUtils-MakeMaker/t/lib/MakeMaker/Test/Setup/BFD.pm b/cpan/ExtUtils-MakeMaker/t/lib/MakeMaker/Test/Setup/BFD.pm
-index 3d093fcfb..cfe49e546 100644
+index 3d093fcfbd..cfe49e5465 100644
--- a/cpan/ExtUtils-MakeMaker/t/lib/MakeMaker/Test/Setup/BFD.pm
+++ b/cpan/ExtUtils-MakeMaker/t/lib/MakeMaker/Test/Setup/BFD.pm
@@ -53,6 +53,9 @@ program - this is a program
diff --git a/debian/patches/fixes/fix-manifest-failures.diff b/debian/patches/fixes/fix-manifest-failures.diff
index 1570cb9801..69ff58e8b4 100644
--- a/debian/patches/fixes/fix-manifest-failures.diff
+++ b/debian/patches/fixes/fix-manifest-failures.diff
@@ -18,7 +18,7 @@ Patch-Name: fixes/fix-manifest-failures.diff
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/t/test.pl b/t/test.pl
-index 868911ce3..4d9af221b 100644
+index 868911ce39..4d9af221b9 100644
--- a/t/test.pl
+++ b/t/test.pl
@@ -199,7 +199,9 @@ sub find_git_or_skip {
diff --git a/debian/patches/fixes/getopt-long-4.diff b/debian/patches/fixes/getopt-long-4.diff
index 6a8200bfe5..f11cc82674 100644
--- a/debian/patches/fixes/getopt-long-4.diff
+++ b/debian/patches/fixes/getopt-long-4.diff
@@ -12,7 +12,7 @@ Patch-Name: fixes/getopt-long-4.diff
1 file changed, 6 insertions(+)
diff --git a/cpan/Getopt-Long/lib/Getopt/Long.pm b/cpan/Getopt-Long/lib/Getopt/Long.pm
-index 664c8b63c..e4e3026db 100644
+index 664c8b63c9..e4e3026db6 100644
--- a/cpan/Getopt-Long/lib/Getopt/Long.pm
+++ b/cpan/Getopt-Long/lib/Getopt/Long.pm
@@ -1123,6 +1123,12 @@ sub FindOption ($$$$$) {
diff --git a/debian/patches/fixes/inplace-editing-bugfix/part1.diff b/debian/patches/fixes/inplace-editing-bugfix/part1.diff
index 6bfdd9d44b..613eee2baf 100644
--- a/debian/patches/fixes/inplace-editing-bugfix/part1.diff
+++ b/debian/patches/fixes/inplace-editing-bugfix/part1.diff
@@ -14,7 +14,7 @@ Patch-Name: fixes/inplace-editing-bugfix/part1.diff
4 files changed, 43 insertions(+), 24 deletions(-)
diff --git a/doio.c b/doio.c
-index 309326b27..39f0c42e7 100644
+index 309326b27a..39f0c42e7e 100644
--- a/doio.c
+++ b/doio.c
@@ -1526,31 +1526,14 @@ S_dir_unchanged(pTHX_ const char *orig_pv, MAGIC *mg) {
@@ -96,7 +96,7 @@ index 309326b27..39f0c42e7 100644
}
else {
diff --git a/embed.fnc b/embed.fnc
-index 454a380e4..e762fe1ee 100644
+index 454a380e4c..e762fe1eec 100644
--- a/embed.fnc
+++ b/embed.fnc
@@ -440,6 +440,7 @@ p |bool|do_exec3 |NN const char *incmd|int fd|int do_report
@@ -108,7 +108,7 @@ index 454a380e4..e762fe1ee 100644
#if defined(HAS_MSG) || defined(HAS_SEM) || defined(HAS_SHM)
: Defined in doio.c, used only in pp_sys.c
diff --git a/embed.h b/embed.h
-index fb93ebc1c..a5416a114 100644
+index fb93ebc1cb..a5416a1148 100644
--- a/embed.h
+++ b/embed.h
@@ -1746,6 +1746,7 @@
@@ -120,7 +120,7 @@ index fb93ebc1c..a5416a114 100644
#define ingroup(a,b) S_ingroup(aTHX_ a,b)
#define openn_cleanup(a,b,c,d,e,f,g,h,i,j,k,l,m) S_openn_cleanup(aTHX_ a,b,c,d,e,f,g,h,i,j,k,l,m)
diff --git a/proto.h b/proto.h
-index c91141b9e..66bb29b13 100644
+index c91141b9e8..66bb29b132 100644
--- a/proto.h
+++ b/proto.h
@@ -4723,6 +4723,9 @@ STATIC void S_deb_stack_n(pTHX_ SV** stack_base, I32 stack_min, I32 stack_max, I
diff --git a/debian/patches/fixes/inplace-editing-bugfix/part2.diff b/debian/patches/fixes/inplace-editing-bugfix/part2.diff
index 07426faebe..9e8dab90d2 100644
--- a/debian/patches/fixes/inplace-editing-bugfix/part2.diff
+++ b/debian/patches/fixes/inplace-editing-bugfix/part2.diff
@@ -12,7 +12,7 @@ Patch-Name: fixes/inplace-editing-bugfix/part2.diff
1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/t/io/inplace.t b/t/io/inplace.t
-index 98159e06b..ac50f1ab7 100644
+index 98159e06bf..ac50f1ab77 100644
--- a/t/io/inplace.t
+++ b/t/io/inplace.t
@@ -5,7 +5,7 @@ require './test.pl';
diff --git a/debian/patches/fixes/inplace-editing-bugfix/part3.diff b/debian/patches/fixes/inplace-editing-bugfix/part3.diff
index 475e83ccbc..76dbdc410d 100644
--- a/debian/patches/fixes/inplace-editing-bugfix/part3.diff
+++ b/debian/patches/fixes/inplace-editing-bugfix/part3.diff
@@ -31,7 +31,7 @@ Patch-Name: fixes/inplace-editing-bugfix/part3.diff
3 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/doio.c b/doio.c
-index 39f0c42e7..f8be31c84 100644
+index 39f0c42e7e..f8be31c84a 100644
--- a/doio.c
+++ b/doio.c
@@ -1173,34 +1173,39 @@ S_argvout_free(pTHX_ SV *io, MAGIC *mg) {
@@ -95,7 +95,7 @@ index 39f0c42e7..f8be31c84 100644
}
#ifdef ARGV_USE_ATFUNCTIONS
diff --git a/t/io/inplace.t b/t/io/inplace.t
-index ac50f1ab7..0403cd925 100644
+index ac50f1ab77..0403cd9250 100644
--- a/t/io/inplace.t
+++ b/t/io/inplace.t
@@ -96,7 +96,7 @@ SKIP:
@@ -108,7 +108,7 @@ index ac50f1ab7..0403cd925 100644
our $file = tempfile() ;
diff --git a/t/run/switches.t b/t/run/switches.t
-index 7ccef1e06..594cad6e7 100644
+index 7ccef1e063..594cad6e7f 100644
--- a/t/run/switches.t
+++ b/t/run/switches.t
@@ -429,7 +429,7 @@ __EOF__
diff --git a/debian/patches/fixes/io-socket-ip-nov4.diff b/debian/patches/fixes/io-socket-ip-nov4.diff
new file mode 100644
index 0000000000..e5c90653ea
--- /dev/null
+++ b/debian/patches/fixes/io-socket-ip-nov4.diff
@@ -0,0 +1,272 @@
+From f957f72fbf1f8097741f2e7383cb504fb728391d Mon Sep 17 00:00:00 2001
+From: Dominic Hargreaves <dom@earth.li>
+Date: Wed, 3 Jun 2020 22:38:09 +0100
+Subject: Fix test failures in IO::Socket::IP with an IPv6-only host
+
+This can be tested with:
+
+ # unshare -n
+ # ip li set lo up
+ # ip li add dummy0 type dummy
+ # ip li set dummy0 up
+
+Thanks to Julien Cristau and Niko Tyni for contributing the basis
+of the patch and test instructions.
+
+Bug-Debian: https://bugs.debian.org/962019
+Forwarded: https://rt.cpan.org/Ticket/Display.html?id=132760
+Patch-Name: fixes/io-socket-ip-nov4.diff
+---
+ cpan/IO-Socket-IP/t/01local-client-v4.t | 4 +++-
+ cpan/IO-Socket-IP/t/02local-server-v4.t | 3 ++-
+ cpan/IO-Socket-IP/t/03local-cross-v4.t | 3 +++
+ cpan/IO-Socket-IP/t/11sockopts.t | 6 +++++-
+ cpan/IO-Socket-IP/t/18fdopen.t | 3 ++-
+ cpan/IO-Socket-IP/t/20subclass.t | 3 +++
+ cpan/IO-Socket-IP/t/21as-inet.t | 3 +++
+ cpan/IO-Socket-IP/t/22timeout.t | 3 +++
+ cpan/IO-Socket-IP/t/30nonblocking-connect.t | 4 +++-
+ 9 files changed, 27 insertions(+), 5 deletions(-)
+
+diff --git a/cpan/IO-Socket-IP/t/01local-client-v4.t b/cpan/IO-Socket-IP/t/01local-client-v4.t
+index 7ab7156993..f6aeac4c3b 100644
+--- a/cpan/IO-Socket-IP/t/01local-client-v4.t
++++ b/cpan/IO-Socket-IP/t/01local-client-v4.t
+@@ -8,7 +8,7 @@ use Test::More;
+ use IO::Socket::IP;
+
+ use IO::Socket::INET;
+-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
++use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
+
+ # Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
+ # establish a baseline first to test against
+@@ -29,12 +29,14 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
+ LocalHost => "127.0.0.1",
+ Type => Socket->$socktype,
+ Proto => ( $socktype eq "SOCK_STREAM" ? "tcp" : "udp" ), # Because IO::Socket::INET is stupid and always presumes tcp
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $@";
+
+ my $socket = IO::Socket::IP->new(
+ PeerHost => "127.0.0.1",
+ PeerService => $testserver->sockport,
+ Type => Socket->$socktype,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ );
+
+ ok( defined $socket, "IO::Socket::IP->new constructs a $socktype socket" ) or
+diff --git a/cpan/IO-Socket-IP/t/02local-server-v4.t b/cpan/IO-Socket-IP/t/02local-server-v4.t
+index c0d349f573..fb711f08bd 100644
+--- a/cpan/IO-Socket-IP/t/02local-server-v4.t
++++ b/cpan/IO-Socket-IP/t/02local-server-v4.t
+@@ -8,7 +8,7 @@ use Test::More;
+ use IO::Socket::IP;
+
+ use IO::Socket::INET;
+-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
++use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
+
+ # Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
+ # establish a baseline first to test against
+@@ -29,6 +29,7 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
+ LocalHost => "127.0.0.1",
+ LocalPort => "0",
+ Type => Socket->$socktype,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ );
+
+ ok( defined $testserver, "IO::Socket::IP->new constructs a $socktype socket" ) or
+diff --git a/cpan/IO-Socket-IP/t/03local-cross-v4.t b/cpan/IO-Socket-IP/t/03local-cross-v4.t
+index 8cac72a95b..3e8174ee08 100644
+--- a/cpan/IO-Socket-IP/t/03local-cross-v4.t
++++ b/cpan/IO-Socket-IP/t/03local-cross-v4.t
+@@ -6,6 +6,7 @@ use warnings;
+ use Test::More;
+
+ use IO::Socket::IP;
++use Socket qw(AI_NUMERICHOST);
+
+ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
+ my $testserver = IO::Socket::IP->new(
+@@ -13,12 +14,14 @@ foreach my $socktype (qw( SOCK_STREAM SOCK_DGRAM )) {
+ LocalHost => "127.0.0.1",
+ LocalPort => "0",
+ Type => Socket->$socktype,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $@";
+
+ my $socket = IO::Socket::IP->new(
+ PeerHost => "127.0.0.1",
+ PeerService => $testserver->sockport,
+ Type => Socket->$socktype,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot connect on PF_INET - $@";
+
+ my $testclient = ( $socktype eq "SOCK_STREAM" ) ?
+diff --git a/cpan/IO-Socket-IP/t/11sockopts.t b/cpan/IO-Socket-IP/t/11sockopts.t
+index 5b850924dd..28daada89f 100644
+--- a/cpan/IO-Socket-IP/t/11sockopts.t
++++ b/cpan/IO-Socket-IP/t/11sockopts.t
+@@ -8,7 +8,7 @@ use Test::More;
+ use IO::Socket::IP;
+
+ use Errno qw( EACCES );
+-use Socket qw( SOL_SOCKET SO_REUSEADDR SO_REUSEPORT SO_BROADCAST );
++use Socket qw( SOL_SOCKET SO_REUSEADDR SO_REUSEPORT SO_BROADCAST AI_NUMERICHOST);
+
+ TODO: {
+ local $TODO = "SO_REUSEADDR doesn't appear to work on cygwin smokers" if $^O eq "cygwin";
+@@ -21,6 +21,7 @@ TODO: {
+ Type => SOCK_STREAM,
+ Listen => 1,
+ ReuseAddr => 1,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot socket() - $@";
+
+ ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEADDR ), 'SO_REUSEADDR set' );
+@@ -32,6 +33,7 @@ TODO: {
+ Sockopts => [
+ [ SOL_SOCKET, SO_REUSEADDR ],
+ ],
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot socket() - $@";
+
+ ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEADDR ), 'SO_REUSEADDR set via Sockopts' );
+@@ -50,6 +52,7 @@ SKIP: {
+ Type => SOCK_STREAM,
+ Listen => 1,
+ ReusePort => 1,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot socket() - $@";
+
+ ok( $sock->getsockopt( SOL_SOCKET, SO_REUSEPORT ), 'SO_REUSEPORT set' );
+@@ -62,6 +65,7 @@ SKIP: {
+ LocalHost => "127.0.0.1",
+ Type => SOCK_DGRAM,
+ Broadcast => 1,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ );
+ skip "Privileges required to set broadcast on datagram socket", 1 if !$sock and $! == EACCES;
+ die "Cannot socket() - $@" unless $sock;
+diff --git a/cpan/IO-Socket-IP/t/18fdopen.t b/cpan/IO-Socket-IP/t/18fdopen.t
+index 20cbe46d47..6843a2c3d2 100644
+--- a/cpan/IO-Socket-IP/t/18fdopen.t
++++ b/cpan/IO-Socket-IP/t/18fdopen.t
+@@ -6,12 +6,13 @@ use warnings;
+ use Test::More;
+
+ use IO::Socket::IP;
+-use Socket qw( SOCK_STREAM );
++use Socket qw( SOCK_STREAM AI_NUMERICHOST );
+
+ my $s1 = IO::Socket::IP->new(
+ LocalHost => "127.0.0.1",
+ Type => SOCK_STREAM,
+ Listen => 1,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on AF_INET - $@";
+
+ my $s2 = IO::Socket::IP->new;
+diff --git a/cpan/IO-Socket-IP/t/20subclass.t b/cpan/IO-Socket-IP/t/20subclass.t
+index 231bd52cab..fbc9cff23e 100644
+--- a/cpan/IO-Socket-IP/t/20subclass.t
++++ b/cpan/IO-Socket-IP/t/20subclass.t
+@@ -6,16 +6,19 @@ use warnings;
+ use Test::More;
+
+ use IO::Socket::IP;
++use Socket qw( AI_NUMERICHOST );
+
+ my $server = IO::Socket::IP->new(
+ Listen => 1,
+ LocalHost => "127.0.0.1",
+ LocalPort => 0,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $!";
+
+ my $client = IO::Socket::IP->new(
+ PeerHost => $server->sockhost,
+ PeerPort => $server->sockport,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot connect on PF_INET - $!";
+
+ my $accepted = $server->accept( 'MySubclass' )
+diff --git a/cpan/IO-Socket-IP/t/21as-inet.t b/cpan/IO-Socket-IP/t/21as-inet.t
+index 2b8713d46f..fedb8be538 100644
+--- a/cpan/IO-Socket-IP/t/21as-inet.t
++++ b/cpan/IO-Socket-IP/t/21as-inet.t
+@@ -6,16 +6,19 @@ use warnings;
+ use Test::More;
+
+ use IO::Socket::IP;
++use Socket qw( AI_NUMERICHOST );
+
+ my $server = IO::Socket::IP->new(
+ Listen => 1,
+ LocalHost => "127.0.0.1",
+ LocalPort => 0,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $!";
+
+ my $client = IO::Socket::IP->new(
+ PeerHost => $server->sockhost,
+ PeerPort => $server->sockport,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot connect on PF_INET - $!";
+
+ my $accepted = $server->accept
+diff --git a/cpan/IO-Socket-IP/t/22timeout.t b/cpan/IO-Socket-IP/t/22timeout.t
+index a4c28b3af0..c4a08f5d1f 100644
+--- a/cpan/IO-Socket-IP/t/22timeout.t
++++ b/cpan/IO-Socket-IP/t/22timeout.t
+@@ -6,17 +6,20 @@ use warnings;
+ use Test::More;
+
+ use IO::Socket::IP;
++use Socket qw( AI_NUMERICHOST );
+
+ my $server = IO::Socket::IP->new(
+ Listen => 1,
+ LocalHost => "127.0.0.1",
+ LocalPort => 0,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $!";
+
+ my $client = IO::Socket::IP->new(
+ PeerHost => $server->sockhost,
+ PeerPort => $server->sockport,
+ Timeout => 0.1,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot connect on PF_INET - $!";
+
+ ok( defined $client, 'client constructed with Timeout' );
+diff --git a/cpan/IO-Socket-IP/t/30nonblocking-connect.t b/cpan/IO-Socket-IP/t/30nonblocking-connect.t
+index 518bd2ebd8..ade8349354 100644
+--- a/cpan/IO-Socket-IP/t/30nonblocking-connect.t
++++ b/cpan/IO-Socket-IP/t/30nonblocking-connect.t
+@@ -8,7 +8,7 @@ use Test::More;
+ use IO::Socket::IP;
+
+ use IO::Socket::INET;
+-use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in );
++use Socket qw( inet_aton inet_ntoa pack_sockaddr_in unpack_sockaddr_in AI_NUMERICHOST );
+ use Errno qw( EINPROGRESS EWOULDBLOCK );
+
+ # Some odd locations like BSD jails might not like INADDR_LOOPBACK. We'll
+@@ -27,6 +27,7 @@ my $testserver = IO::Socket::INET->new(
+ Listen => 1,
+ LocalHost => "127.0.0.1",
+ Type => SOCK_STREAM,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ ) or die "Cannot listen on PF_INET - $@";
+
+ my $socket = IO::Socket::IP->new(
+@@ -34,6 +35,7 @@ my $socket = IO::Socket::IP->new(
+ PeerService => $testserver->sockport,
+ Type => SOCK_STREAM,
+ Blocking => 0,
++ GetAddrInfoFlags => AI_NUMERICHOST,
+ );
+
+ ok( defined $socket, 'IO::Socket::IP->new( Blocking => 0 ) constructs a socket' ) or
diff --git a/debian/patches/fixes/kfreebsd-renameat.diff b/debian/patches/fixes/kfreebsd-renameat.diff
index 76dcd2cb60..307966e8f8 100644
--- a/debian/patches/fixes/kfreebsd-renameat.diff
+++ b/debian/patches/fixes/kfreebsd-renameat.diff
@@ -12,7 +12,7 @@ Origin: upstream, https://perl5.git.perl.org/perl.git/commit/a3c63a9402266c2f0e3
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/doio.c b/doio.c
-index 16daf9fd1..309326b27 100644
+index 16daf9fd11..309326b27a 100644
--- a/doio.c
+++ b/doio.c
@@ -1461,7 +1461,7 @@ Perl_nextargv(pTHX_ GV *gv, bool nomagicopen)
diff --git a/debian/patches/fixes/math_complex_doc_angle_units.diff b/debian/patches/fixes/math_complex_doc_angle_units.diff
index 7b1bc195bb..55d40cacc4 100644
--- a/debian/patches/fixes/math_complex_doc_angle_units.diff
+++ b/debian/patches/fixes/math_complex_doc_angle_units.diff
@@ -11,7 +11,7 @@ Patch-Name: fixes/math_complex_doc_angle_units.diff
1 file changed, 5 insertions(+)
diff --git a/cpan/Math-Complex/lib/Math/Trig.pm b/cpan/Math-Complex/lib/Math/Trig.pm
-index acad31ff4..bc7ac780e 100644
+index acad31ff49..bc7ac780e9 100644
--- a/cpan/Math-Complex/lib/Math/Trig.pm
+++ b/cpan/Math-Complex/lib/Math/Trig.pm
@@ -263,6 +263,11 @@ core Perl which defines only the C<sin()> and C<cos()>. The constant
diff --git a/debian/patches/fixes/math_complex_doc_great_circle.diff b/debian/patches/fixes/math_complex_doc_great_circle.diff
index bd92da8c47..0044737926 100644
--- a/debian/patches/fixes/math_complex_doc_great_circle.diff
+++ b/debian/patches/fixes/math_complex_doc_great_circle.diff
@@ -11,7 +11,7 @@ Patch-Name: fixes/math_complex_doc_great_circle.diff
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cpan/Math-Complex/lib/Math/Trig.pm b/cpan/Math-Complex/lib/Math/Trig.pm
-index 1d9612a41..efc2ff80a 100644
+index 1d9612a41c..efc2ff80ac 100644
--- a/cpan/Math-Complex/lib/Math/Trig.pm
+++ b/cpan/Math-Complex/lib/Math/Trig.pm
@@ -608,7 +608,7 @@ or the midpoint if you know the end points:
diff --git a/debian/patches/fixes/math_complex_doc_see_also.diff b/debian/patches/fixes/math_complex_doc_see_also.diff
index 3fccf3a408..a450510bec 100644
--- a/debian/patches/fixes/math_complex_doc_see_also.diff
+++ b/debian/patches/fixes/math_complex_doc_see_also.diff
@@ -11,7 +11,7 @@ Patch-Name: fixes/math_complex_doc_see_also.diff
1 file changed, 2 insertions(+)
diff --git a/cpan/Math-Complex/lib/Math/Trig.pm b/cpan/Math-Complex/lib/Math/Trig.pm
-index efc2ff80a..acad31ff4 100644
+index efc2ff80ac..acad31ff49 100644
--- a/cpan/Math-Complex/lib/Math/Trig.pm
+++ b/cpan/Math-Complex/lib/Math/Trig.pm
@@ -743,6 +743,8 @@ an answer instead of giving a fatal runtime error.
diff --git a/debian/patches/fixes/memoize-pod.diff b/debian/patches/fixes/memoize-pod.diff
index 0c6fb04c14..66fa487c39 100644
--- a/debian/patches/fixes/memoize-pod.diff
+++ b/debian/patches/fixes/memoize-pod.diff
@@ -11,7 +11,7 @@ Patch-Name: fixes/memoize-pod.diff
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cpan/Memoize/Memoize.pm b/cpan/Memoize/Memoize.pm
-index f4e6522d4..2f28b361f 100644
+index f4e6522d48..2f28b361f8 100644
--- a/cpan/Memoize/Memoize.pm
+++ b/cpan/Memoize/Memoize.pm
@@ -752,6 +752,8 @@ cache that was populated by the first call. C<complicated> ends up
diff --git a/debian/patches/fixes/memoize_storable_nstore.diff b/debian/patches/fixes/memoize_storable_nstore.diff
index ce29fa254f..942ee01d70 100644
--- a/debian/patches/fixes/memoize_storable_nstore.diff
+++ b/debian/patches/fixes/memoize_storable_nstore.diff
@@ -53,7 +53,7 @@ Patch-Name: fixes/memoize_storable_nstore.diff
2 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/cpan/Memoize/Memoize/Storable.pm b/cpan/Memoize/Memoize/Storable.pm
-index 131479729..87876f227 100644
+index 1314797297..87876f227e 100644
--- a/cpan/Memoize/Memoize/Storable.pm
+++ b/cpan/Memoize/Memoize/Storable.pm
@@ -55,7 +55,7 @@ sub DESTROY {
@@ -66,7 +66,7 @@ index 131479729..87876f227 100644
} else {
Storable::store($self->{H}, $self->{FILENAME});
diff --git a/cpan/Memoize/t/tie_storable.t b/cpan/Memoize/t/tie_storable.t
-index de3b8dc26..a62423850 100644
+index de3b8dc26b..a62423850e 100644
--- a/cpan/Memoize/t/tie_storable.t
+++ b/cpan/Memoize/t/tie_storable.t
@@ -31,18 +31,34 @@ if ($@) {
diff --git a/debian/patches/fixes/pipe-open-bugfix/part1.diff b/debian/patches/fixes/pipe-open-bugfix/part1.diff
index 59a527b1b4..763168dbb5 100644
--- a/debian/patches/fixes/pipe-open-bugfix/part1.diff
+++ b/debian/patches/fixes/pipe-open-bugfix/part1.diff
@@ -23,7 +23,7 @@ Patch-Name: fixes/pipe-open-bugfix/part1.diff
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/util.c b/util.c
-index 842cc953e..17dfda9bc 100644
+index 842cc953e2..17dfda9bc7 100644
--- a/util.c
+++ b/util.c
@@ -2441,8 +2441,10 @@ Perl_my_popen(pTHX_ const char *cmd, const char *mode)
diff --git a/debian/patches/fixes/pipe-open-bugfix/part2.diff b/debian/patches/fixes/pipe-open-bugfix/part2.diff
index cc5ba71bb7..73e160a022 100644
--- a/debian/patches/fixes/pipe-open-bugfix/part2.diff
+++ b/debian/patches/fixes/pipe-open-bugfix/part2.diff
@@ -15,7 +15,7 @@ Patch-Name: fixes/pipe-open-bugfix/part2.diff
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/util.c b/util.c
-index 17dfda9bc..25b5c6601 100644
+index 17dfda9bc7..25b5c6601e 100644
--- a/util.c
+++ b/util.c
@@ -2302,8 +2302,10 @@ Perl_my_popen_list(pTHX_ const char *mode, int n, SV **args)
diff --git a/debian/patches/fixes/posix-mb-sbuild-fix.diff b/debian/patches/fixes/posix-mb-sbuild-fix.diff
new file mode 100644
index 0000000000..ae9c9d71e9
--- /dev/null
+++ b/debian/patches/fixes/posix-mb-sbuild-fix.diff
@@ -0,0 +1,39 @@
+From b13b2eb99ca0d8286d45d09a5439dc25d39ea18b Mon Sep 17 00:00:00 2001
+From: Dominic Hargreaves <dom@earth.li>
+Date: Sun, 17 May 2020 00:14:23 +0100
+Subject: Fix edge case test failure in ext/POSIX/t/mb.t
+
+This new test fails in an environment where LANG is set to one thing and
+LC_ALL is set to another, and where LANG is set to a locale which is
+not installed in the environment in question.
+
+Such a test environment is arguably broken, but appears in common
+chroot setups such as Debian's sbuild tool where LANG is inherited from
+the parent environment, and LC_ALL is used to override it.
+
+Origin: backport, https://github.com/Perl/perl5/commit/8f8f6a18de1ce640a226f841deebf018443f872f
+Patch-Name: fixes/posix-mb-sbuild-fix.diff
+---
+ ext/POSIX/t/mb.t | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/ext/POSIX/t/mb.t b/ext/POSIX/t/mb.t
+index 961edf6cf2..cdd0808eee 100644
+--- a/ext/POSIX/t/mb.t
++++ b/ext/POSIX/t/mb.t
+@@ -33,9 +33,13 @@ SKIP: {
+ my $utf8_locale = find_utf8_ctype_locale();
+ skip("no utf8 locale available", 2) unless $utf8_locale;
+
++ # Here we need to influence LC_CTYPE, but it's not enough to just
++ # set this because LC_ALL could override it. It's also not enough
++ # to delete LC_ALL because it could be used to override other
++ # variables such as LANG in the underlying test environment.
++ # Continue to set LC_CTYPE just in case...
+ local $ENV{LC_CTYPE} = $utf8_locale;
+- local $ENV{LC_ALL};
+- delete $ENV{LC_ALL};
++ local $ENV{LC_ALL} = $utf8_locale;
+
+ fresh_perl_is(
+ 'use POSIX; print &POSIX::mblen("\x{c3}\x{28}", &POSIX::MB_CUR_MAX)',
diff --git a/debian/patches/fixes/posix-mbrlen.diff b/debian/patches/fixes/posix-mbrlen.diff
index f7dc1a4140..4e574d4d72 100644
--- a/debian/patches/fixes/posix-mbrlen.diff
+++ b/debian/patches/fixes/posix-mbrlen.diff
@@ -53,7 +53,7 @@ Origin: backport, https://perl5.git.perl.org/perl.git/commit/25d7b7aa379d33ce2e8
create mode 100644 ext/POSIX/t/mb.t
diff --git a/MANIFEST b/MANIFEST
-index fcf3455b2..aa5e9b16b 100644
+index fcf3455b2e..aa5e9b16bd 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -4233,6 +4233,7 @@ ext/POSIX/POSIX.xs POSIX extension external subroutines
@@ -65,7 +65,7 @@ index fcf3455b2..aa5e9b16b 100644
ext/POSIX/t/sigaction.t See if POSIX::sigaction works
ext/POSIX/t/sigset.t See if POSIX::SigSet works
diff --git a/ext/POSIX/POSIX.xs b/ext/POSIX/POSIX.xs
-index 749730584..395025a86 100644
+index 7497305841..395025a868 100644
--- a/ext/POSIX/POSIX.xs
+++ b/ext/POSIX/POSIX.xs
@@ -3318,7 +3318,7 @@ mblen(s, n)
@@ -79,7 +79,7 @@ index 749730584..395025a86 100644
RETVAL = mblen(s, n);
diff --git a/ext/POSIX/t/mb.t b/ext/POSIX/t/mb.t
new file mode 100644
-index 000000000..961edf6cf
+index 0000000000..961edf6cf2
--- /dev/null
+++ b/ext/POSIX/t/mb.t
@@ -0,0 +1,47 @@
diff --git a/debian/patches/fixes/respect_umask.diff b/debian/patches/fixes/respect_umask.diff
index db0c73036b..e7186f8aae 100644
--- a/debian/patches/fixes/respect_umask.diff
+++ b/debian/patches/fixes/respect_umask.diff
@@ -13,7 +13,7 @@ Patch-Name: fixes/respect_umask.diff
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/cpan/ExtUtils-Install/lib/ExtUtils/Install.pm b/cpan/ExtUtils-Install/lib/ExtUtils/Install.pm
-index 047c00714..cd7e4f234 100644
+index 047c007145..cd7e4f234c 100644
--- a/cpan/ExtUtils-Install/lib/ExtUtils/Install.pm
+++ b/cpan/ExtUtils-Install/lib/ExtUtils/Install.pm
@@ -463,7 +463,7 @@ sub _can_write_dir {
@@ -88,7 +88,7 @@ index 047c00714..cd7e4f234 100644
if ($need_filtering) {
run_filter($pm_filter, $from, $to);
diff --git a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
-index fe53be12e..274e35c6f 100644
+index fe53be12ef..274e35c6fc 100644
--- a/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
+++ b/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
@@ -2229,7 +2229,7 @@ doc__install : doc_site_install
diff --git a/debian/patches/fixes/storable-probing/disable-probing.diff b/debian/patches/fixes/storable-probing/disable-probing.diff
index eace7c22a7..697344dd31 100644
--- a/debian/patches/fixes/storable-probing/disable-probing.diff
+++ b/debian/patches/fixes/storable-probing/disable-probing.diff
@@ -22,7 +22,7 @@ Patch-Name: fixes/storable-probing/disable-probing.diff
8 files changed, 31 insertions(+), 164 deletions(-)
diff --git a/Makefile.SH b/Makefile.SH
-index 48151bce6..084924dab 100755
+index 48151bce65..084924dab5 100755
--- a/Makefile.SH
+++ b/Makefile.SH
@@ -173,15 +173,11 @@ esac
@@ -77,7 +77,7 @@ index 48151bce6..084924dab 100755
flags="--$name";
flags=`echo $flags | sed -e 's/--all//'`
diff --git a/dist/Storable/Makefile.PL b/dist/Storable/Makefile.PL
-index 69efc8294..60af5d256 100644
+index 69efc82944..60af5d256a 100644
--- a/dist/Storable/Makefile.PL
+++ b/dist/Storable/Makefile.PL
@@ -12,15 +12,7 @@ use Config;
@@ -144,7 +144,7 @@ index 69efc8294..60af5d256 100644
'
all :: Storable.pm
diff --git a/dist/Storable/__Storable__.pm b/dist/Storable/__Storable__.pm
-index 71c669daa..e5a655ecd 100644
+index 71c669daaf..e5a655ecda 100644
--- a/dist/Storable/__Storable__.pm
+++ b/dist/Storable/__Storable__.pm
@@ -32,8 +32,6 @@ our $VERSION = '3.08';
@@ -193,7 +193,7 @@ index 71c669daa..e5a655ecd 100644
modifying C<$Storable::recursion_limit> and
C<$Storable::recursion_limit_hash> respectively. Either can be set to
diff --git a/dist/Storable/stacksize b/dist/Storable/stacksize
-index 14e073973..f93eccce1 100644
+index 14e0739734..f93eccce1a 100644
--- a/dist/Storable/stacksize
+++ b/dist/Storable/stacksize
@@ -1,21 +1,17 @@
@@ -370,7 +370,7 @@ index 14e073973..f93eccce1 100644
- or die "Failed to close $fn: $!\n";
}
diff --git a/dist/Storable/t/recurse.t b/dist/Storable/t/recurse.t
-index 63fde90fd..b5967a072 100644
+index 63fde90fdf..b5967a072c 100644
--- a/dist/Storable/t/recurse.t
+++ b/dist/Storable/t/recurse.t
@@ -318,9 +318,11 @@ is($refcount_ok, 1, "check refcount");
@@ -387,7 +387,7 @@ index 63fde90fd..b5967a072 100644
my $t;
print "# max depth ", MAX_DEPTH, "\n";
diff --git a/win32/GNUmakefile b/win32/GNUmakefile
-index 05193a1f2..afc18ec8a 100644
+index 05193a1f2d..afc18ec8a4 100644
--- a/win32/GNUmakefile
+++ b/win32/GNUmakefile
@@ -1168,7 +1168,7 @@ CFG_VARS = \
@@ -417,7 +417,7 @@ index 05193a1f2..afc18ec8a 100644
# be running in parallel like UNIDATAFILES, this target a placeholder for the
# future
diff --git a/win32/Makefile b/win32/Makefile
-index 1e245f712..a4776dd22 100644
+index 1e245f7128..a4776dd227 100644
--- a/win32/Makefile
+++ b/win32/Makefile
@@ -939,7 +939,7 @@ CFG_VARS = \
@@ -452,7 +452,7 @@ index 1e245f712..a4776dd22 100644
-del /f $(LIBDIR)\Win32CORE.pm
-del /f $(LIBDIR)\Win32API\File.pm
diff --git a/win32/makefile.mk b/win32/makefile.mk
-index a6072a95a..15b148d15 100644
+index a6072a95a6..15b148d155 100644
--- a/win32/makefile.mk
+++ b/win32/makefile.mk
@@ -1139,7 +1139,7 @@ CFG_VARS = \
diff --git a/debian/patches/fixes/storable-probing/prereq1.diff b/debian/patches/fixes/storable-probing/prereq1.diff
index 88e4751b27..18cef04078 100644
--- a/debian/patches/fixes/storable-probing/prereq1.diff
+++ b/debian/patches/fixes/storable-probing/prereq1.diff
@@ -12,7 +12,7 @@ Patch-Name: fixes/storable-probing/prereq1.diff
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/dist/Storable/Makefile.PL b/dist/Storable/Makefile.PL
-index 697750566..4f0213277 100644
+index 697750566d..4f02132776 100644
--- a/dist/Storable/Makefile.PL
+++ b/dist/Storable/Makefile.PL
@@ -14,10 +14,12 @@ use File::Spec;
diff --git a/debian/patches/fixes/storable-probing/prereq2.diff b/debian/patches/fixes/storable-probing/prereq2.diff
index a6fbabce28..7f3175ad36 100644
--- a/debian/patches/fixes/storable-probing/prereq2.diff
+++ b/debian/patches/fixes/storable-probing/prereq2.diff
@@ -12,7 +12,7 @@ Patch-Name: fixes/storable-probing/prereq2.diff
2 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/dist/Storable/Makefile.PL b/dist/Storable/Makefile.PL
-index 4f0213277..69efc8294 100644
+index 4f02132776..69efc82944 100644
--- a/dist/Storable/Makefile.PL
+++ b/dist/Storable/Makefile.PL
@@ -92,11 +92,18 @@ sub depend {
@@ -36,7 +36,7 @@ index 4f0213277..69efc8294 100644
release : dist
git tag \$(VERSION)
diff --git a/dist/Storable/stacksize b/dist/Storable/stacksize
-index 7abd3a84c..14e073973 100644
+index 7abd3a84cc..14e0739734 100644
--- a/dist/Storable/stacksize
+++ b/dist/Storable/stacksize
@@ -7,6 +7,9 @@ use Cwd;
diff --git a/debian/patches/fixes/storable-recursion.diff b/debian/patches/fixes/storable-recursion.diff
index 28a17493ed..8d9dd7aa2c 100644
--- a/debian/patches/fixes/storable-recursion.diff
+++ b/debian/patches/fixes/storable-recursion.diff
@@ -54,7 +54,7 @@ Patch-Name: fixes/storable-recursion.diff
2 files changed, 77 insertions(+), 37 deletions(-)
diff --git a/dist/Storable/Storable.xs b/dist/Storable/Storable.xs
-index 6a90e2481..f6df32b12 100644
+index 6a90e24814..f6df32b121 100644
--- a/dist/Storable/Storable.xs
+++ b/dist/Storable/Storable.xs
@@ -418,6 +418,24 @@ typedef struct stcxt {
@@ -259,7 +259,7 @@ index 6a90e2481..f6df32b12 100644
--cxt->recur_depth;
}
diff --git a/dist/Storable/t/recurse.t b/dist/Storable/t/recurse.t
-index fa8be0b37..63fde90fd 100644
+index fa8be0b374..63fde90fdf 100644
--- a/dist/Storable/t/recurse.t
+++ b/dist/Storable/t/recurse.t
@@ -20,7 +20,7 @@ use Storable qw(freeze thaw dclone);
diff --git a/debian/patches/fixes/time-local-2020.diff b/debian/patches/fixes/time-local-2020.diff
index 6e26e6142f..de58fe2c0d 100644
--- a/debian/patches/fixes/time-local-2020.diff
+++ b/debian/patches/fixes/time-local-2020.diff
@@ -15,7 +15,7 @@ Patch-Name: fixes/time-local-2020.diff
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/cpan/Time-Local/t/Local.t b/cpan/Time-Local/t/Local.t
-index 634139695..e28c6d212 100644
+index 634139695f..e28c6d2129 100644
--- a/cpan/Time-Local/t/Local.t
+++ b/cpan/Time-Local/t/Local.t
@@ -96,7 +96,7 @@ SKIP: {
diff --git a/debian/patches/series b/debian/patches/series
index 223bfea376..d0328bc6e9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -59,3 +59,8 @@ fixes/storable-probing/prereq2.diff
fixes/storable-probing/disable-probing.diff
debian/perlbug-editor.diff
fixes/posix-mbrlen.diff
+fixes/CVE-2020-10543.diff
+fixes/CVE-2020-10878.diff
+fixes/CVE-2020-12723.diff
+fixes/io-socket-ip-nov4.diff
+fixes/posix-mb-sbuild-fix.diff
diff --git a/embed.fnc b/embed.fnc
index e762fe1eec..4b1ba28277 100644
--- a/embed.fnc
+++ b/embed.fnc
@@ -2476,7 +2476,8 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \
|NULLOK struct scan_data_t *data \
|I32 stopparen|U32 recursed_depth \
|NULLOK regnode_ssc *and_withp \
- |U32 flags|U32 depth
+ |U32 flags|U32 depth|bool was_mutate_ok
+Es |void |rck_elide_nothing|NN regnode *node
EsR |SV * |get_ANYOFM_contents|NN const regnode * n
EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \
|NN const char* const s|const U32 n
diff --git a/embed.h b/embed.h
index a5416a1148..50fcabc140 100644
--- a/embed.h
+++ b/embed.h
@@ -1202,6 +1202,7 @@
#define output_or_return_posix_warnings(a,b,c) S_output_or_return_posix_warnings(aTHX_ a,b,c)
#define parse_lparen_question_flags(a) S_parse_lparen_question_flags(aTHX_ a)
#define populate_ANYOF_from_invlist(a,b) S_populate_ANYOF_from_invlist(aTHX_ a,b)
+#define rck_elide_nothing(a) S_rck_elide_nothing(aTHX_ a)
#define reg(a,b,c,d) S_reg(aTHX_ a,b,c,d)
#define reg2Lanode(a,b,c,d) S_reg2Lanode(aTHX_ a,b,c,d)
#define reg_node(a,b) S_reg_node(aTHX_ a,b)
@@ -1231,7 +1232,7 @@
#define ssc_is_cp_posixl_init S_ssc_is_cp_posixl_init
#define ssc_or(a,b,c) S_ssc_or(aTHX_ a,b,c)
#define ssc_union(a,b,c) S_ssc_union(aTHX_ a,b,c)
-#define study_chunk(a,b,c,d,e,f,g,h,i,j,k) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k)
+#define study_chunk(a,b,c,d,e,f,g,h,i,j,k,l) S_study_chunk(aTHX_ a,b,c,d,e,f,g,h,i,j,k,l)
# endif
# if defined(PERL_IN_REGCOMP_C) || defined (PERL_IN_DUMP_C)
#define _invlist_dump(a,b,c,d) Perl__invlist_dump(aTHX_ a,b,c,d)
diff --git a/ext/POSIX/t/mb.t b/ext/POSIX/t/mb.t
index 961edf6cf2..cdd0808eee 100644
--- a/ext/POSIX/t/mb.t
+++ b/ext/POSIX/t/mb.t
@@ -33,9 +33,13 @@ SKIP: {
my $utf8_locale = find_utf8_ctype_locale();
skip("no utf8 locale available", 2) unless $utf8_locale;
+ # Here we need to influence LC_CTYPE, but it's not enough to just
+ # set this because LC_ALL could override it. It's also not enough
+ # to delete LC_ALL because it could be used to override other
+ # variables such as LANG in the underlying test environment.
+ # Continue to set LC_CTYPE just in case...
local $ENV{LC_CTYPE} = $utf8_locale;
- local $ENV{LC_ALL};
- delete $ENV{LC_ALL};
+ local $ENV{LC_ALL} = $utf8_locale;
fresh_perl_is(
'use POSIX; print &POSIX::mblen("\x{c3}\x{28}", &POSIX::MB_CUR_MAX)',
diff --git a/proto.h b/proto.h
index 66bb29b132..e276f69bd1 100644
--- a/proto.h
+++ b/proto.h
@@ -5485,6 +5485,9 @@ STATIC void S_parse_lparen_question_flags(pTHX_ RExC_state_t *pRExC_state);
STATIC void S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr);
#define PERL_ARGS_ASSERT_POPULATE_ANYOF_FROM_INVLIST \
assert(node); assert(invlist_ptr)
+STATIC void S_rck_elide_nothing(pTHX_ regnode *node);
+#define PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING \
+ assert(node)
PERL_STATIC_NO_RET void S_re_croak2(pTHX_ bool utf8, const char* pat1, const char* pat2, ...)
__attribute__noreturn__;
#define PERL_ARGS_ASSERT_RE_CROAK2 \
@@ -5593,7 +5596,7 @@ PERL_STATIC_INLINE void S_ssc_union(pTHX_ regnode_ssc *ssc, SV* const invlist, c
#define PERL_ARGS_ASSERT_SSC_UNION \
assert(ssc); assert(invlist)
#endif
-STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth);
+STATIC SSize_t S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, SSize_t *minlenp, SSize_t *deltap, regnode *last, struct scan_data_t *data, I32 stopparen, U32 recursed_depth, regnode_ssc *and_withp, U32 flags, U32 depth, bool was_mutate_ok);
#define PERL_ARGS_ASSERT_STUDY_CHUNK \
assert(pRExC_state); assert(scanp); assert(minlenp); assert(deltap); assert(last)
#endif
diff --git a/regcomp.c b/regcomp.c
index e1da15a77c..e66032a16a 100644
--- a/regcomp.c
+++ b/regcomp.c
@@ -110,6 +110,7 @@ typedef struct scan_frame {
regnode *next_regnode; /* next node to process when last is reached */
U32 prev_recursed_depth;
I32 stopparen; /* what stopparen do we use */
+ bool in_gosub; /* this or an outer frame is for GOSUB */
struct scan_frame *this_prev_frame; /* this previous frame */
struct scan_frame *prev_frame; /* previous frame */
@@ -4178,6 +4179,44 @@ S_unwind_scan_frames(pTHX_ const void *p)
} while (f);
}
+/* Follow the next-chain of the current node and optimize away
+ all the NOTHINGs from it.
+ */
+STATIC void
+S_rck_elide_nothing(pTHX_ regnode *node)
+{
+ dVAR;
+
+ PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING;
+
+ if (OP(node) != CURLYX) {
+ const int max = (reg_off_by_arg[OP(node)]
+ ? I32_MAX
+ /* I32 may be smaller than U16 on CRAYs! */
+ : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
+ int off = (reg_off_by_arg[OP(node)] ? ARG(node) : NEXT_OFF(node));
+ int noff;
+ regnode *n = node;
+
+ /* Skip NOTHING and LONGJMP. */
+ while (
+ (n = regnext(n))
+ && (
+ (PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
+ || ((OP(n) == LONGJMP) && (noff = ARG(n)))
+ )
+ && off + noff < max
+ ) {
+ off += noff;
+ }
+ if (reg_off_by_arg[OP(node)])
+ ARG(node) = off;
+ else
+ NEXT_OFF(node) = off;
+ }
+ return;
+}
+
/* the return from this sub is the minimum length that could possibly match */
STATIC SSize_t
S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
@@ -4187,7 +4226,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
I32 stopparen,
U32 recursed_depth,
regnode_ssc *and_withp,
- U32 flags, U32 depth)
+ U32 flags, U32 depth, bool was_mutate_ok)
/* scanp: Start here (read-write). */
/* deltap: Write maxlen-minlen here. */
/* last: Stop before this one. */
@@ -4265,6 +4304,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
node length to get a real minimum (because
the folded version may be shorter) */
bool unfolded_multi_char = FALSE;
+ /* avoid mutating ops if we are anywhere within the recursed or
+ * enframed handling for a GOSUB: the outermost level will handle it.
+ */
+ bool mutate_ok = was_mutate_ok && !(frame && frame->in_gosub);
/* Peephole optimizer: */
DEBUG_STUDYDATA("Peep", data, depth, is_inf);
DEBUG_PEEP("Peep", scan, depth, flags);
@@ -4275,30 +4318,13 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
* parsing code, as each (?:..) is handled by a different invocation of
* reg() -- Yves
*/
- JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
-
- /* Follow the next-chain of the current node and optimize
- away all the NOTHINGs from it. */
- if (OP(scan) != CURLYX) {
- const int max = (reg_off_by_arg[OP(scan)]
- ? I32_MAX
- /* I32 may be smaller than U16 on CRAYs! */
- : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
- int off = (reg_off_by_arg[OP(scan)] ? ARG(scan) : NEXT_OFF(scan));
- int noff;
- regnode *n = scan;
-
- /* Skip NOTHING and LONGJMP. */
- while ((n = regnext(n))
- && ((PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
- || ((OP(n) == LONGJMP) && (noff = ARG(n))))
- && off + noff < max)
- off += noff;
- if (reg_off_by_arg[OP(scan)])
- ARG(scan) = off;
- else
- NEXT_OFF(scan) = off;
- }
+ if (mutate_ok)
+ JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+
+ /* Follow the next-chain of the current node and optimize
+ away all the NOTHINGs from it.
+ */
+ rck_elide_nothing(scan);
/* The principal pseudo-switch. Cannot be a switch, since we
look into several different things. */
@@ -4325,7 +4351,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
/* DEFINEP study_chunk() recursion */
(void)study_chunk(pRExC_state, &scan, &minlen,
&deltanext, next, &data_fake, stopparen,
- recursed_depth, NULL, f, depth+1);
+ recursed_depth, NULL, f, depth+1, mutate_ok);
scan = next;
} else
@@ -4393,7 +4419,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
/* recurse study_chunk() for each BRANCH in an alternation */
minnext = study_chunk(pRExC_state, &scan, minlenp,
&deltanext, next, &data_fake, stopparen,
- recursed_depth, NULL, f,depth+1);
+ recursed_depth, NULL, f, depth+1,
+ mutate_ok);
if (min1 > minnext)
min1 = minnext;
@@ -4460,9 +4487,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
}
}
- if (PERL_ENABLE_TRIE_OPTIMISATION &&
- OP( startbranch ) == BRANCH )
- {
+ if (PERL_ENABLE_TRIE_OPTIMISATION
+ && OP(startbranch) == BRANCH
+ && mutate_ok
+ ) {
/* demq.
Assuming this was/is a branch we are dealing with: 'scan'
@@ -4913,6 +4941,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
newframe->stopparen = stopparen;
newframe->prev_recursed_depth = recursed_depth;
newframe->this_prev_frame= frame;
+ newframe->in_gosub = (
+ (frame && frame->in_gosub) || OP(scan) == GOSUB
+ );
DEBUG_STUDYDATA("frame-new", data, depth, is_inf);
DEBUG_PEEP("fnew", scan, depth, flags);
@@ -5133,7 +5164,7 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
(mincount == 0
? (f & ~SCF_DO_SUBSTR)
: f)
- ,depth+1);
+ , depth+1, mutate_ok);
if (flags & SCF_DO_STCLASS)
data->start_class = oclass;
@@ -5181,6 +5212,12 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
(void)ReREFCNT_inc(RExC_rx_sv);
}
+ if ( ( minnext > 0 && mincount >= SSize_t_MAX / minnext )
+ || min >= SSize_t_MAX - minnext * mincount )
+ {
+ FAIL("Regexp out of space");
+ }
+
min += minnext * mincount;
is_inf_internal |= deltanext == SSize_t_MAX
|| (maxcount == REG_INFTY && minnext + deltanext > 0);
@@ -5195,7 +5232,9 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
if ( OP(oscan) == CURLYX && data
&& data->flags & SF_IN_PAR
&& !(data->flags & SF_HAS_EVAL)
- && !deltanext && minnext == 1 ) {
+ && !deltanext && minnext == 1
+ && mutate_ok
+ ) {
/* Try to optimize to CURLYN. */
regnode *nxt = NEXTOPER(oscan) + EXTRA_STEP_2ARGS;
regnode * const nxt1 = nxt;
@@ -5241,10 +5280,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
&& !(data->flags & SF_HAS_EVAL)
&& !deltanext /* atom is fixed width */
&& minnext != 0 /* CURLYM can't handle zero width */
-
/* Nor characters whose fold at run-time may be
* multi-character */
&& ! (RExC_seen & REG_UNFOLDED_MULTI_SEEN)
+ && mutate_ok
) {
/* XXXX How to optimize if data == 0? */
/* Optimize to a simpler form. */
@@ -5292,7 +5331,8 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
/* Optimize again: */
/* recurse study_chunk() on optimised CURLYX => CURLYM */
study_chunk(pRExC_state, &nxt1, minlenp, &deltanext, nxt,
- NULL, stopparen, recursed_depth, NULL, 0,depth+1);
+ NULL, stopparen, recursed_depth, NULL, 0,
+ depth+1, mutate_ok);
}
else
oscan->flags = 0;
@@ -5419,11 +5459,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
if (data && (fl & SF_HAS_EVAL))
data->flags |= SF_HAS_EVAL;
optimize_curly_tail:
- if (OP(oscan) != CURLYX) {
- while (PL_regkind[OP(next = regnext(oscan))] == NOTHING
- && NEXT_OFF(next))
- NEXT_OFF(oscan) += NEXT_OFF(next);
- }
+ rck_elide_nothing(oscan);
continue;
default:
@@ -5713,7 +5749,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
/* recurse study_chunk() for lookahead body */
minnext = study_chunk(pRExC_state, &nscan, minlenp, &deltanext,
last, &data_fake, stopparen,
- recursed_depth, NULL, f, depth+1);
+ recursed_depth, NULL, f, depth+1,
+ mutate_ok);
if (scan->flags) {
if (deltanext) {
FAIL("Variable length lookbehind not implemented");
@@ -5805,7 +5842,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
*minnextp = study_chunk(pRExC_state, &nscan, minnextp,
&deltanext, last, &data_fake,
stopparen, recursed_depth, NULL,
- f,depth+1);
+ f, depth+1, mutate_ok);
if (scan->flags) {
if (deltanext) {
FAIL("Variable length lookbehind not implemented");
@@ -5966,7 +6003,8 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n",
/* optimise study_chunk() for TRIE */
minnext = study_chunk(pRExC_state, &scan, minlenp,
&deltanext, (regnode *)nextbranch, &data_fake,
- stopparen, recursed_depth, NULL, f,depth+1);
+ stopparen, recursed_depth, NULL, f, depth+1,
+ mutate_ok);
}
if (nextbranch && PL_regkind[OP(nextbranch)]==BRANCH)
nextbranch= regnext((regnode*)nextbranch);
@@ -7651,7 +7689,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
&data, -1, 0, NULL,
SCF_DO_SUBSTR | SCF_WHILEM_VISITED_POS | stclass_flag
| (restudied ? SCF_TRIE_DOING_RESTUDY : 0),
- 0);
+ 0, TRUE);
CHECK_RESTUDY_GOTO_butfirst(LEAVE_with_name("study_chunk"));
@@ -7780,7 +7818,7 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
SCF_DO_STCLASS_AND|SCF_WHILEM_VISITED_POS|(restudied
? SCF_TRIE_DOING_RESTUDY
: 0),
- 0);
+ 0, TRUE);
CHECK_RESTUDY_GOTO_butfirst(NOOP);
diff --git a/t/re/pat.t b/t/re/pat.t
index 1d98fe77d7..1488259b02 100644
--- a/t/re/pat.t
+++ b/t/re/pat.t
@@ -23,7 +23,7 @@ BEGIN {
skip_all('no re module') unless defined &DynaLoader::boot_DynaLoader;
skip_all_without_unicode_tables();
-plan tests => 848; # Update this when adding/deleting tests.
+plan tests => 852; # Update this when adding/deleting tests.
run_tests() unless caller;
@@ -1948,6 +1948,30 @@ EOP
fresh_perl_is('m m0*0+\Rm', "",{},"Undefined behavior in address sanitizer");
}
+ # gh16947: test regexp corruption (GOSUB)
+ {
+ fresh_perl_is(q{
+ 'xy' =~ /x(?0)|x(?|y|y)/ && print 'ok'
+ }, 'ok', {}, 'gh16947: test regexp corruption (GOSUB)');
+ }
+ # gh16947: test fix doesn't break SUSPEND
+ {
+ fresh_perl_is(q{ 'sx' =~ m{ss++}i; print 'ok' },
+ 'ok', {}, "gh16947: test fix doesn't break SUSPEND");
+ }
+
+ # gh17743: more regexp corruption via GOSUB
+ {
+ fresh_perl_is(q{
+ "0" =~ /((0(?0)|000(?|0000|0000)(?0))|)/; print "ok"
+ }, 'ok', {}, 'gh17743: test regexp corruption (1)');
+
+ fresh_perl_is(q{
+ "000000000000" =~ /(0(())(0((?0)())|000(?|\x{ef}\x{bf}\x{bd}|\x{ef}\x{bf}\x{bd}))|)/;
+ print "ok"
+ }, 'ok', {}, 'gh17743: test regexp corruption (2)');
+ }
+
} # End of sub run_tests
1;
--- End Message ---