Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:4258-1

Опубликовано: 22 дек. 2018
Источник: suse-cvrf

Описание

Security update for perl

This update for perl fixes the following issues:

Secuirty issues fixed:

  • CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674).
  • CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675).
  • CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681).
  • CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0
perl-5.26.1-lp150.6.6.1
perl-32bit-5.26.1-lp150.6.6.1
perl-base-5.26.1-lp150.6.6.1
perl-base-32bit-5.26.1-lp150.6.6.1
perl-doc-5.26.1-lp150.6.6.1

Ссылки

Описание

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Затронутые продукты
openSUSE Leap 15.0:perl-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-5.26.1-lp150.6.6.1
Ссылки

Описание

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Затронутые продукты
openSUSE Leap 15.0:perl-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-5.26.1-lp150.6.6.1
Ссылки

Описание

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

Затронутые продукты
openSUSE Leap 15.0:perl-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-5.26.1-lp150.6.6.1
Ссылки

Описание

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Затронутые продукты
openSUSE Leap 15.0:perl-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-32bit-5.26.1-lp150.6.6.1
openSUSE Leap 15.0:perl-base-5.26.1-lp150.6.6.1
Ссылки