Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0976-1

Опубликовано: 18 апр. 2018
Источник: suse-cvrf

Описание

Security update for perl

This update for perl fixes the following issues:

Security issue fixed:

  • CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216).
  • CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233).

Список пакетов

SUSE Linux Enterprise Server 11 SP4
perl-5.10.0-64.81.10.1
perl-32bit-5.10.0-64.81.10.1
perl-Module-Build-0.2808.01-0.81.10.1
perl-Test-Simple-0.72-0.81.10.1
perl-base-5.10.0-64.81.10.1
perl-doc-5.10.0-64.81.10.1
perl-x86-5.10.0-64.81.10.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
perl-5.10.0-64.81.10.1
perl-32bit-5.10.0-64.81.10.1
perl-Module-Build-0.2808.01-0.81.10.1
perl-Test-Simple-0.72-0.81.10.1
perl-base-5.10.0-64.81.10.1
perl-doc-5.10.0-64.81.10.1
perl-x86-5.10.0-64.81.10.1
SUSE Linux Enterprise Software Development Kit 11 SP4
perl-base-32bit-5.10.0-64.81.10.1

Ссылки

Описание

An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:perl-32bit-5.10.0-64.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-5.10.0-64.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-Module-Build-0.2808.01-0.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-Test-Simple-0.72-0.81.10.1
Ссылки

Описание

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:perl-32bit-5.10.0-64.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-5.10.0-64.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-Module-Build-0.2808.01-0.81.10.1
SUSE Linux Enterprise Server 11 SP4:perl-Test-Simple-0.72-0.81.10.1
Ссылки