#acl PaulHowarth:read,write,admin,revert,delete All:read === Thursday 17th August 2017 === ==== Local Packages ==== * Updated `perl-DBI` to 1.637: * Fix use of externally controlled format string ([[https://cwe.mitre.org/data/definitions/134.html|CWE-134]]) (GH#44); this could cause a crash if, for example, a db error contained a `%` * Fix extension detection for `DBD::File` related drivers * Fix tests for perl without dot in `@INC` ([[CPAN:120443|CPAN RT#120443]]) * Fix loss of error message on parent handle ([[https://github.com/perl5-dbi/dbi/pull/34|GH#34]]) * Fix disappearing `$_` inside callbacks ([[https://github.com/perl5-dbi/dbi/pull/47|GH#47]]) * Allow objects to be used as passwords without throwing an error ([[https://github.com/perl5-dbi/dbi/pull/40|GH#40]]) * Allow `$sth NAME_*` attributes to be set from Perl code ([[https://github.com/perl5-dbi/dbi/pull/45|GH#45]]) * Added support for `DBD::XMLSimple` ([[https://github.com/perl5-dbi/dbi/pull/38|GH#38]]) * Documentation updates: * Improve examples using `eval` to be more correct ([[https://github.com/perl5-dbi/dbi/pull/39|GH#39]]) * Add cautionary note to `prepare_cached` docs re refs in `%attr` ([[https://github.com/perl5-dbi/dbi/issues/46|GH#46]]) * Small POD changes (`Getting Help -> Online`) ([[https://github.com/perl5-dbi/dbi/issues/33|GH#33]]) * Add links to more module names and fix typo ([[https://github.com/perl5-dbi/dbi/issues/43|GH#43]]) * Typo fix ([[https://github.com/perl5-dbi/dbi/pull/37|GH#37]]) * Updated `perl-JSON-XS` to 3.04: * Change exponential `realloc` algorithm on encoding and string decoding to be really exponential (this helps slow/debugging allocators such as `libumem`) * String encoding would needlessly over-allocate output space * Be very paranoid about extending buffer lengths and croak if buffers get too large, which might (or might not) improve security * Add `cbor-packed` type to `json_xs` * Switch from `YAML` to `YAML::XS` in `json_xs`, as `YAML` is way too buggy and outdated * Updated `perl-Text-Diff` to 1.45: * Typo fixed in documentation ([[CPAN:112564|CPAN RT#112564]]) * Documentation improvements ([[https://github.com/neilb/Text-Diff/pull/2|GH#2]]) ----