Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.5984
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5984
<patchinfo incident="5984"> <issue id="1057724" tracker="bnc">VUL-0: CVE-2017-12837: perl: Heap Heap overflow when compiling case-insensitive regexpoverflow when compiling case-insensitive regexp</issue> <issue id="1047178" tracker="bnc">VUL-0: CVE-2017-6512 perl: File::Path rmtree/remove_tree race condition</issue> <issue id="999735" tracker="bnc">Perl 5.18.2 has buggy @- support</issue> <issue id="1057721" tracker="bnc">VUL-0: CVE-2017-12883: perl: Buffer over-read in lookup</issue> <issue id="2017-12837" tracker="cve" /> <issue id="2017-12883" tracker="cve" /> <issue id="2017-6512" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>mlschroe</packager> <description>This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. (bnc#1057724) - CVE-2017-12883: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape. (bnc#1057721) - CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. (bnc#1047178) Bug fixes: - backport set_capture_string changes from upstream (bsc#999735) - reformat baselibs.conf as source validator workaround </description> <summary>Security update for perl</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor