Описание
Security update for perl
This update for perl fixes the following issues:
Secuirty issues fixed:
- CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674).
- CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675).
- CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681).
- CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
perl-5.26.1-7.6.1
perl-base-5.26.1-7.6.1
perl-base-32bit-5.26.1-7.6.1
SUSE Linux Enterprise Module for Development Tools 15
perl-doc-5.26.1-7.6.1
Ссылки
- Link for SUSE-SU-2018:4187-1
- E-Mail link for SUSE-SU-2018:4187-1
- SUSE Security Ratings
- SUSE Bug 1114674
- SUSE Bug 1114675
- SUSE Bug 1114681
- SUSE Bug 1114686
- SUSE CVE CVE-2018-18311 page
- SUSE CVE CVE-2018-18312 page
- SUSE CVE CVE-2018-18313 page
- SUSE CVE CVE-2018-18314 page
Описание
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:perl-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-32bit-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-5.26.1-7.6.1
SUSE Linux Enterprise Module for Development Tools 15:perl-doc-5.26.1-7.6.1
Ссылки
- CVE-2018-18311
- SUSE Bug 1114674
- SUSE Bug 1132018
Описание
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:perl-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-32bit-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-5.26.1-7.6.1
SUSE Linux Enterprise Module for Development Tools 15:perl-doc-5.26.1-7.6.1
Ссылки
- CVE-2018-18312
- SUSE Bug 1114675
Описание
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:perl-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-32bit-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-5.26.1-7.6.1
SUSE Linux Enterprise Module for Development Tools 15:perl-doc-5.26.1-7.6.1
Ссылки
- CVE-2018-18313
- SUSE Bug 1114681
Описание
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:perl-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-32bit-5.26.1-7.6.1
SUSE Linux Enterprise Module for Basesystem 15:perl-base-5.26.1-7.6.1
SUSE Linux Enterprise Module for Development Tools 15:perl-doc-5.26.1-7.6.1
Ссылки
- CVE-2018-18314
- SUSE Bug 1114686