Security Advisories (11)
CVE-2006-7230 (2007-11-15)

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dependent attackers to cause a denial of service (PCRE or glibc crash) via crafted regular expressions.

CVE-2007-1660 (2007-11-07)

Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.

CVE-2007-1659 (2007-11-07)

Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.

CVE-2007-1661 (2007-11-07)

Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.

CVE-2007-1662 (2007-11-07)

Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving forward references.

CVE-2007-4766 (2007-11-07)

Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.

CVE-2007-4767 (2007-11-07)

Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.

CVE-2007-4768 (2007-11-07)

Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.

CVE-2015-2325 (2020-01-14)

The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier.

CVE-2015-2326 (2020-01-14)

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".

CVE-2015-8382 (2015-12-02)

The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547.

README for Date

This module is for packages relating to Dates.

ROLES

Date

The basic "Date" role defines operations applicable to points in time which are of no specific calendar, and deal in abstract times without enforcing a particular base unit or frame of reference.

However, pragmatically all Date modules should be able to convert to and from either Perl epoch seconds or Unix epoch seconds.

Duration

The "Duration" role is similar, but refers either to the distance between two particular dates or, for calendars in which such intervals can reasonably be said to be unrelated to the dates they refer to, to "floating" durations of some unit. Durations may also refer to generic units which do not have a uniform length of time (by other measures) until they are applied to a particular Date.

That is the plan - in order to be sure that the above roles are truly abstracted from the calendars that they represent, a range of calendars will first be implemented. This will hopefully early on include access to the excellent but bulky DateTime framework.

ROLE IMPLEMENTATIONS

Date::Gregorian

The "Date::Gregorian" module, based on the Perl 5 Class::Date, represents dates on the Gregorian calendar. It parses ISO-8601 dates "out of the box", and is very lightweight and pragmatic.

Duration::Gregorian

The "Date::Gregorian" module, based on the Perl 5 Class::Date::Rel, represents dates on the Gregorian calendar. It parses ISO-8601 intervals "out of the box".

DateTime

(planned)

A subclass of Date::Gregorian that is a direct port of the DateTime framework to Perl 6, probably initially using perl5embed.

DateTime::Duration

(planned)

A subclass of Duration::Gregorian that is where DateTime::Duration lives.

Date::Chinese

(planned)

Dates on the Chinese calendar, implemented from first principles, i.e., its basic units are lunar months etc. :-) It should closely correspond to DateTime::Calendar::Chinese.

Duration::Chinese

(planned)

Durations on the Chinese calendar.