RHBA-2012:0199 - Bug Fix Advisory

Topic

Updated perl packages that fix several bugs are now available for Red Hat
Enterprise Linux 5.

Description

Perl is a high-level programming language commonly used for system
administration utilities and web programming.

This update fixes the following bugs:

• Due to an error in the threads module, memory was leaked each time a thread

was detached. Over time, this could cause long-running threaded Perl programs to
consume a significant amount of memory. With this update, a patch has been
applied to ensure the allocated memory is properly freed when a thread is
detached, and using threads in Perl applications no longer causes memory leaks.
(BZ#548249)

• If the "-default" parameter contained a plus sign ("+"), the CGI::popup_menu()

method failed to generate valid HTML code and the closing tag of a paired tag
was sometimes missing. The regular expression that contributes the HTML code in
such scenarios has been fixed and the closing tag is now always present.
(BZ#523827)

• Previously, joining or undefining a thread variable in a Perl script resulted

in the following error message: "Attempt to free unreferenced scalar: SV
0x7b7dcb0, Perl interpreter: 0x7b4cfb0 during global destruction." A backported
upstream patch has been provided and the internal error is no longer returned in
the described scenario. (BZ#537777)

• Previously, the CGI::popup_menu() method generated invalid HTML code; a space

character was sometimes missing between two attributes of a tag. With this
update, the regular expression responsible for generating such code has been
fixed and the space characters are now properly generated in the described
scenario. (BZ#590644)

• When threads were being rapidly created and detached on a multi-processor

system with Perl, a variety of unexpected terminations occurred as a result.
With this update, the threads module has been updated to version 1.79 and the
crashes no longer occur. (BZ#675863)

• Previously, the NDBM_File module was missing in Perl packages and Perl could

not provide support for NDBM files. With this update, NDBM_File has been added
back to the Perl RPM packages. (BZ#593752)

• Previously, string evaluation in Perl threads sometimes resulted in an

unexpected termination of the process. To partially fix this bug, handling of
these strings has been moved to non-threaded variables. The update of the
threads module to version 1.79 also contributed to the fix of this bug. Now, the
crashes no longer occur in the described scenario. (BZ#676050)

• Due to a missing definition in Unicode table 4.0, Perl did not recognize the

small letter Palochka (U+04cf). With this update, the Unicode table has been
updated to version 5.0.1 and Palochka letters are now supported in Perl.
(BZ#621542)

• When two nested loops were using the same iterator, the interpreter tried to

double-free the iterator, resulting in a warning. Moreover, referring such an
iterator caused the "Attempt to free unreferenced scalar" run-time error message
to be returned. A backported patch from Perl 5.10.1 has been applied to handle
shared iterators properly and no warnings or error messages are now returned in
the described scenario. (BZ#625746)

• Previously, the value of a variable used for string evaluation was too small.

Consequently, a large number of string evaluations made the interpreter return
syntax error messages. Now, the variable for storing strings is using a bigger
value and the error messages are no longer returned in the described scenario.
(BZ#676547)

Users of perl are advised to upgrade to these updated packages, which fix these
bugs.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 523827 - CGI.pm popup_menu if optgroup, $selected is not properly escaped.
• BZ - 537777 - 'Attempt to free unreferenced scalar' when running a perl program with threads
• BZ - 548249 - Perl threads leak memory when detached
• BZ - 590644 - CGI.pm popup_menu produces invalid HTML
• BZ - 621542 - perl does not recognize small letter palochka
• BZ - 625746 - Perl gives the error 'Attempt to free unreferenced scalar' with nested foreach loops using the same variable
• BZ - 675863 - memory corruption with perl threads
• BZ - 676050 - perl threads crash on string evals
• BZ - 676547 - Large number of string evals makes interpreter emit syntax error [perl #83364]

CVEs

(none)

References

(none)