perl-5.40.2

Security Advisories (1)

CVE-2025-40909 (2025-05-30)

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6

Even if you have a sub q{}, calling q() will be parsed as the q() operator. Calling &q() or main::q() gets you the function. This test verifies this behavior for nine different operators.

from irc://irc.perl.org/p5p 2004/08/12

<kane-xs>  bug or feature?
<purl>     You decide!!!!
<kane-xs>  [kane@coke ~]$ perlc -le'sub y{1};y(1)'
<kane-xs>  Transliteration replacement not terminated at -e line 1.
<Nicholas> bug I think
<kane-xs>  i'll perlbug
<rgs>      feature
<kane-xs>  smiles at rgs
<kane-xs>  done
<rgs>      will be closed at not a bug,
<rgs>      like the previous reports of this one
<Nicholas> feature being first class and second class keywords?
<rgs>      you have similar ones with q, qq, qr, qx, tr, s and m
<rgs>      one could say 1st class keywords, yes
<rgs>      and I forgot qw
<kane-xs>  hmm silly...
<Nicholas> it's acutally operators, isn't it?
<Nicholas> as in you can't call a subroutine with the same name as an
           operator unless you have the & ?
<kane-xs>  or fqpn (fully qualified package name)
<kane-xs>  main::y() works just fine
<kane-xs>  as does &y; but not y()
<Andy>     If that's a feature, then let's write a test that it continues
           to work like that.

To install less, copy and paste the appropriate command in to your terminal.

cpanm

cpanm less

CPAN shell

perl -MCPAN -e shell
install less

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Module Install Instructions

Keyboard Shortcuts