Your message dated Mon, 14 Apr 2025 05:27:15 +0000
with message-id <[email protected]>
and subject line unblock perl
has caused the Debian Bug report #1102984,
regarding unblock/preapproval: perl/5.40.1-3 CVE-2024-56406
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1102984: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102984
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:perl
Hi, please pre-approve the attached one line security fix for sid/trixie
for CVE-2024-56406: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a
heap buffer overflow when transliterating non-ASCII bytes.
https://lists.security.metacpan.org/cve-announce/msg/28708725/
A DSA update for bookworm is already uploaded and being processed by
the security team.
Thanks for your work,
--
Niko Tyni [email protected]
diff -Nru perl-5.40.1/debian/changelog perl-5.40.1/debian/changelog
--- perl-5.40.1/debian/changelog 2025-02-16 17:16:32.000000000 +0200
+++ perl-5.40.1/debian/changelog 2025-04-12 18:34:34.000000000 +0300
@@ -1,3 +1,9 @@
+perl (5.40.1-3) unstable; urgency=high
+
+ * [SECURITY] CVE-2024-56406: Fix heap-buffer-overflow with tr//
+
+ -- Niko Tyni <[email protected]> Sat, 12 Apr 2025 18:34:34 +0300
+
perl (5.40.1-2) unstable; urgency=medium
* Refresh cross support files with 5.40.1-1 results.
diff -Nru perl-5.40.1/debian/patches/fixes/CVE-2024-56406.diff
perl-5.40.1/debian/patches/fixes/CVE-2024-56406.diff
--- perl-5.40.1/debian/patches/fixes/CVE-2024-56406.diff 1970-01-01
02:00:00.000000000 +0200
+++ perl-5.40.1/debian/patches/fixes/CVE-2024-56406.diff 2025-04-12
18:34:34.000000000 +0300
@@ -0,0 +1,31 @@
+From: Karl Williamson <[email protected]>
+Date: Wed, 18 Dec 2024 18:25:29 -0700
+Subject: CVE-2024-56406: Heap-buffer-overflow with tr//
+
+This was due to underallocating needed space. If the translation forces
+something to become UTF-8 that is initially bytes, that UTF-8 could
+now require two bytes where previously a single one would do.
+
+(cherry picked from commit f93109c8a6950aafbd7488d98e112552033a3686)
+
+commit 385e8759c3ff1e7f7f996bd4ea391074d61d48c1
+Author: Karl Williamson <[email protected]>
+AuthorDate: 2024-12-18 18:25:29 -0700
+Commit: Steve Hay <[email protected]>
+CommitDate: 2025-03-30 11:59:51 +0100
+---
+ op.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/op.c b/op.c
+index 3fc23ec..aeee88e 100644
+--- a/op.c
++++ b/op.c
+@@ -6649,6 +6649,7 @@ S_pmtrans(pTHX_ OP *o, OP *expr, OP *repl)
+ * same time. But otherwise one crosses before the other */
+ if (t_cp < 256 && r_cp_end > 255 && r_cp != t_cp) {
+ can_force_utf8 = TRUE;
++ max_expansion = MAX(2, max_expansion);
+ }
+ }
+
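Review bot: the one-line bump `max_expansion = MAX(2, max_expansion);` sits inside the `can_force_utf8` branch, so it only widens the per-character budget when a source code point below 256 maps to one above 255, which matches the commit message; but the diffstat (`op.c | 1 +`, `1 file changed, 1 insertion(+)`) shows no regression test travels with it, so a t/op/tr.t case with a non-UTF-8 string of characters in 128..255 whose tr/// forces the UTF-8 upgrade would be worth carrying in the Debian patch, or at least running by hand before upload, to confirm the underallocation is gone on this branch. The floor of 2 rather than an expansion tied only to the translated characters is correct for the reason the message gives: once the string is upgraded, every byte in 128..255 needs two bytes, not just the ones the map touched.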
diff -Nru perl-5.40.1/debian/patches/series perl-5.40.1/debian/patches/series
--- perl-5.40.1/debian/patches/series 2025-01-19 00:25:46.000000000 +0200
+++ perl-5.40.1/debian/patches/series 2025-04-12 18:34:34.000000000 +0300
@@ -40,3 +40,4 @@
debian/configure-regen.diff
fixes/json-pp-options.diff
fixes/test-harness-bailout.diff
+fixes/CVE-2024-56406.diff
--- End Message ---
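The input shape the commit message describes, as an added example that is not code from the bug report, the Debian package or the upstream commit: a plain byte string holding characters 128..255 whose tr/// maps a code point below 256 to one above 255, forcing perl to upgrade the string to UTF-8 mid-transliteration. The inputs are constructed; the function name `forced_upgrade_demo` and the measurement approach (length under `use bytes` for storage size versus plain length for characters) are this example's own choices. On a perl carrying the fix it prints the before/after sizes; on an unpatched 5.34..5.40 this is the class of input the advisory says overflows the heap.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example, not from the Debian bug report or the upstream commit.
# A non-UTF-8 string of characters in 128..255 is transliterated so that
# a code point below 256 (0xE9) maps to one above 255 (U+0100). Perl must
# then upgrade the whole string to UTF-8 while it transliterates, and every
# character in 128..255 needs two bytes where it previously needed one,
# which is the underallocation CVE-2024-56406 corrects in S_pmtrans.

# Returns a hashref of measurements taken before and after the tr///.
sub forced_upgrade_demo {
    my ($s) = @_;
    my %r;
    $r{utf8_before}  = utf8::is_utf8($s) ? 1 : 0;
    $r{bytes_before} = do { use bytes; length $s };   # storage size

    # t_cp = 0xE9 (< 256), r_cp = 0x100 (> 255): the branch the fix touches.
    (my $t = $s) =~ tr/\xE9/\x{100}/;

    $r{utf8_after}  = utf8::is_utf8($t) ? 1 : 0;
    $r{chars_after} = length $t;                      # character count
    $r{bytes_after} = do { use bytes; length $t };    # storage size
    return \%r;
}

# Constructed inputs. In mixed_bytes the \xFF characters are never
# translated, yet once the string is UTF-8 they encode as two bytes
# (C3 BF) just like the translated ones (U+0100 is C4 80), so the whole
# string doubles in size, not only the characters the map touched.
my %inputs = (
    all_translated => "\xE9" x 100_000,
    mixed_bytes    => "\xE9\xFF" x 50_000,
    ascii_only     => "e" x 100_000,   # control: nothing matches the search list
);

for my $name (sort keys %inputs) {
    my $r = forced_upgrade_demo($inputs{$name});
    printf "%-15s utf8 %d->%d  bytes %d->%d  chars %d\n",
        $name, $r->{utf8_before}, $r->{utf8_after},
        $r->{bytes_before}, $r->{bytes_after}, $r->{chars_after};
}
```

The interesting column is bytes: the character count is unchanged by the transliteration, but the storage the result needs is what the original allocation in S_pmtrans sized with a budget of one byte per character, and the fix raises that budget to two whenever the forced upgrade can happen.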
--- Begin Message ---
Unblocked.
--- End Message ---