Overview

File _patchinfo of Package patchinfo.9533

<patchinfo incident="9533">
  <issue tracker="bnc" id="1114675">VUL-0: EMBARGOED: CVE-2018-18312: perl: Heap-buffer-overflow write / reg_node overrun</issue>
  <issue tracker="bnc" id="1114674">VUL-1: EMBARGOED:  CVE-2018-18311: perl: environment overflow</issue>
  <issue tracker="bnc" id="1114686">VUL-1: EMBARGOED: CVE-2018-18314: perl: Heap-based buffer overflow in regex</issue>
  <issue tracker="bnc" id="1114681">VUL-1: EMBARGOED: CVE-2018-18313: perl: Heap-buffer-overflow read</issue>
  <issue tracker="cve" id="2018-18311"/>
  <issue tracker="cve" id="2018-18313"/>
  <issue tracker="cve" id="2018-18312"/>
  <issue tracker="cve" id="2018-18314"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>mlschroe</packager>
  <description>This update for perl fixes the following issues:

Secuirty issues fixed:

- CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674).
- CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675).
- CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681).
- CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686).
</description>
  <summary>Security update for perl</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places