Описание
ELSA-2025-7500: perl security update (IMPORTANT)
[4:5.40.2-512.1]
- 5.40.2 bump (see https://metacpan.org/release/SHAY/perl-5.40.2/view/pod/perldelta.pod)
- Resolves: RHEL-87186
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
perl
5.40.2-512.1.el10_0
perl-Attribute-Handlers
1.03-512.1.el10_0
perl-AutoLoader
5.74-512.1.el10_0
perl-AutoSplit
5.74-512.1.el10_0
perl-B
1.89-512.1.el10_0
perl-Benchmark
1.25-512.1.el10_0
perl-Class-Struct
0.68-512.1.el10_0
perl-Config-Extensions
0.03-512.1.el10_0
perl-DBM_Filter
0.06-512.1.el10_0
perl-Devel-Peek
1.34-512.1.el10_0
perl-Devel-SelfStubber
1.06-512.1.el10_0
perl-DirHandle
1.05-512.1.el10_0
perl-Dumpvalue
2.27-512.1.el10_0
perl-DynaLoader
1.56-512.1.el10_0
perl-English
1.11-512.1.el10_0
perl-Errno
1.38-512.1.el10_0
perl-ExtUtils-Constant
0.25-512.1.el10_0
perl-ExtUtils-Embed
1.35-512.1.el10_0
perl-ExtUtils-Miniperl
1.14-512.1.el10_0
perl-Fcntl
1.18-512.1.el10_0
perl-File-Basename
2.86-512.1.el10_0
perl-File-Compare
1.100.800-512.1.el10_0
perl-File-Copy
2.41-512.1.el10_0
perl-File-DosGlob
1.12-512.1.el10_0
perl-File-Find
1.44-512.1.el10_0
perl-File-stat
1.14-512.1.el10_0
perl-FileCache
1.10-512.1.el10_0
perl-FileHandle
2.05-512.1.el10_0
perl-FindBin
1.54-512.1.el10_0
perl-GDBM_File
1.24-512.1.el10_0
perl-Getopt-Std
1.14-512.1.el10_0
perl-Hash-Util
0.32-512.1.el10_0
perl-Hash-Util-FieldHash
1.27-512.1.el10_0
perl-I18N-Collate
1.02-512.1.el10_0
perl-I18N-LangTags
0.45-512.1.el10_0
perl-I18N-Langinfo
0.24-512.1.el10_0
perl-IO
1.55-512.1.el10_0
perl-IPC-Open3
1.22-512.1.el10_0
perl-Locale-Maketext-Simple
0.21-512.1.el10_0
perl-Math-Complex
1.62-512.1.el10_0
perl-Memoize
1.16-512.1.el10_0
perl-Module-Loaded
0.08-512.1.el10_0
perl-NDBM_File
1.17-512.1.el10_0
perl-NEXT
0.69-512.1.el10_0
perl-Net
1.04-512.1.el10_0
perl-ODBM_File
1.18-512.1.el10_0
perl-Opcode
1.65-512.1.el10_0
perl-POSIX
2.20-512.1.el10_0
perl-Pod-Functions
1.14-512.1.el10_0
perl-Pod-Html
1.35-512.1.el10_0
perl-Safe
2.46-512.1.el10_0
perl-Search-Dict
1.07-512.1.el10_0
perl-SelectSaver
1.02-512.1.el10_0
perl-SelfLoader
1.27-512.1.el10_0
perl-Symbol
1.09-512.1.el10_0
perl-Sys-Hostname
1.25-512.1.el10_0
perl-Term-Complete
1.403-512.1.el10_0
perl-Term-ReadLine
1.17-512.1.el10_0
perl-Test
1.31-512.1.el10_0
perl-Text-Abbrev
1.02-512.1.el10_0
perl-Thread
3.05-512.1.el10_0
perl-Thread-Semaphore
2.13-512.1.el10_0
perl-Tie
4.6-512.1.el10_0
perl-Tie-File
1.09-512.1.el10_0
perl-Tie-Memoize
1.1-512.1.el10_0
perl-Time
1.04-512.1.el10_0
perl-Time-Piece
1.3401-512.1.el10_0
perl-Unicode-UCD
0.78-512.1.el10_0
perl-User-pwent
1.05-512.1.el10_0
perl-autouse
1.11-512.1.el10_0
perl-base
2.27-512.1.el10_0
perl-blib
1.07-512.1.el10_0
perl-debugger
1.60-512.1.el10_0
perl-deprecate
0.04-512.1.el10_0
perl-devel
5.40.2-512.1.el10_0
perl-diagnostics
1.40-512.1.el10_0
perl-doc
5.40.2-512.1.el10_0
perl-encoding-warnings
0.14-512.1.el10_0
perl-fields
2.27-512.1.el10_0
perl-filetest
1.03-512.1.el10_0
perl-if
0.61.000-512.1.el10_0
perl-interpreter
5.40.2-512.1.el10_0
perl-less
0.03-512.1.el10_0
perl-lib
0.65-512.1.el10_0
perl-libnetcfg
5.40.2-512.1.el10_0
perl-libs
5.40.2-512.1.el10_0
perl-locale
1.12-512.1.el10_0
perl-macros
5.40.2-512.1.el10_0
perl-meta-notation
5.40.2-512.1.el10_0
perl-mro
1.29-512.1.el10_0
perl-open
1.13-512.1.el10_0
perl-overload
1.37-512.1.el10_0
perl-overloading
0.02-512.1.el10_0
perl-ph
5.40.2-512.1.el10_0
perl-sigtrap
1.10-512.1.el10_0
perl-sort
2.05-512.1.el10_0
perl-subs
1.04-512.1.el10_0
perl-utils
5.40.2-512.1.el10_0
perl-vars
1.05-512.1.el10_0
perl-vmsish
1.04-512.1.el10_0
Oracle Linux x86_64
perl
5.40.2-512.1.el10_0
perl-Attribute-Handlers
1.03-512.1.el10_0
perl-AutoLoader
5.74-512.1.el10_0
perl-AutoSplit
5.74-512.1.el10_0
perl-B
1.89-512.1.el10_0
perl-Benchmark
1.25-512.1.el10_0
perl-Class-Struct
0.68-512.1.el10_0
perl-Config-Extensions
0.03-512.1.el10_0
perl-DBM_Filter
0.06-512.1.el10_0
perl-Devel-Peek
1.34-512.1.el10_0
perl-Devel-SelfStubber
1.06-512.1.el10_0
perl-DirHandle
1.05-512.1.el10_0
perl-Dumpvalue
2.27-512.1.el10_0
perl-DynaLoader
1.56-512.1.el10_0
perl-English
1.11-512.1.el10_0
perl-Errno
1.38-512.1.el10_0
perl-ExtUtils-Constant
0.25-512.1.el10_0
perl-ExtUtils-Embed
1.35-512.1.el10_0
perl-ExtUtils-Miniperl
1.14-512.1.el10_0
perl-Fcntl
1.18-512.1.el10_0
perl-File-Basename
2.86-512.1.el10_0
perl-File-Compare
1.100.800-512.1.el10_0
perl-File-Copy
2.41-512.1.el10_0
perl-File-DosGlob
1.12-512.1.el10_0
perl-File-Find
1.44-512.1.el10_0
perl-File-stat
1.14-512.1.el10_0
perl-FileCache
1.10-512.1.el10_0
perl-FileHandle
2.05-512.1.el10_0
perl-FindBin
1.54-512.1.el10_0
perl-GDBM_File
1.24-512.1.el10_0
perl-Getopt-Std
1.14-512.1.el10_0
perl-Hash-Util
0.32-512.1.el10_0
perl-Hash-Util-FieldHash
1.27-512.1.el10_0
perl-I18N-Collate
1.02-512.1.el10_0
perl-I18N-LangTags
0.45-512.1.el10_0
perl-I18N-Langinfo
0.24-512.1.el10_0
perl-IO
1.55-512.1.el10_0
perl-IPC-Open3
1.22-512.1.el10_0
perl-Locale-Maketext-Simple
0.21-512.1.el10_0
perl-Math-Complex
1.62-512.1.el10_0
perl-Memoize
1.16-512.1.el10_0
perl-Module-Loaded
0.08-512.1.el10_0
perl-NDBM_File
1.17-512.1.el10_0
perl-NEXT
0.69-512.1.el10_0
perl-Net
1.04-512.1.el10_0
perl-ODBM_File
1.18-512.1.el10_0
perl-Opcode
1.65-512.1.el10_0
perl-POSIX
2.20-512.1.el10_0
perl-Pod-Functions
1.14-512.1.el10_0
perl-Pod-Html
1.35-512.1.el10_0
perl-Safe
2.46-512.1.el10_0
perl-Search-Dict
1.07-512.1.el10_0
perl-SelectSaver
1.02-512.1.el10_0
perl-SelfLoader
1.27-512.1.el10_0
perl-Symbol
1.09-512.1.el10_0
perl-Sys-Hostname
1.25-512.1.el10_0
perl-Term-Complete
1.403-512.1.el10_0
perl-Term-ReadLine
1.17-512.1.el10_0
perl-Test
1.31-512.1.el10_0
perl-Text-Abbrev
1.02-512.1.el10_0
perl-Thread
3.05-512.1.el10_0
perl-Thread-Semaphore
2.13-512.1.el10_0
perl-Tie
4.6-512.1.el10_0
perl-Tie-File
1.09-512.1.el10_0
perl-Tie-Memoize
1.1-512.1.el10_0
perl-Time
1.04-512.1.el10_0
perl-Time-Piece
1.3401-512.1.el10_0
perl-Unicode-UCD
0.78-512.1.el10_0
perl-User-pwent
1.05-512.1.el10_0
perl-autouse
1.11-512.1.el10_0
perl-base
2.27-512.1.el10_0
perl-blib
1.07-512.1.el10_0
perl-debugger
1.60-512.1.el10_0
perl-deprecate
0.04-512.1.el10_0
perl-devel
5.40.2-512.1.el10_0
perl-diagnostics
1.40-512.1.el10_0
perl-doc
5.40.2-512.1.el10_0
perl-encoding-warnings
0.14-512.1.el10_0
perl-fields
2.27-512.1.el10_0
perl-filetest
1.03-512.1.el10_0
perl-if
0.61.000-512.1.el10_0
perl-interpreter
5.40.2-512.1.el10_0
perl-less
0.03-512.1.el10_0
perl-lib
0.65-512.1.el10_0
perl-libnetcfg
5.40.2-512.1.el10_0
perl-libs
5.40.2-512.1.el10_0
perl-locale
1.12-512.1.el10_0
perl-macros
5.40.2-512.1.el10_0
perl-meta-notation
5.40.2-512.1.el10_0
perl-mro
1.29-512.1.el10_0
perl-open
1.13-512.1.el10_0
perl-overload
1.37-512.1.el10_0
perl-overloading
0.02-512.1.el10_0
perl-ph
5.40.2-512.1.el10_0
perl-sigtrap
1.10-512.1.el10_0
perl-sort
2.05-512.1.el10_0
perl-subs
1.04-512.1.el10_0
perl-utils
5.40.2-512.1.el10_0
perl-vars
1.05-512.1.el10_0
perl-vmsish
1.04-512.1.el10_0
Связанные CVE
Связанные уязвимости
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
A heap buffer overflow vulnerability was discovered in Perl. Release ...