subject:"\[Bug 1492091\] CVE\-2017\-12837 perl\: Heap buffer overflow in regular expression compiler"

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-10-19 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091
Bug 1492091 depends on bug 1492094, which changed state.

Bug 1492094 Summary: CVE-2017-12837 CVE-2017-12883 perl: various flaws 
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1492094

   What|Removed |Added

 Status|ON_QA   |CLOSED
 Resolution|--- |ERRATA



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-10-13 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #7 from Fedora Update System  ---
perl-5.24.3-389.fc25 has been pushed to the Fedora 25 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-10-02 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #6 from Fedora Update System  ---
perl-5.24.3-395.fc26 has been pushed to the Fedora 26 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-10-02 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #5 from Fedora Update System  ---
perl-5.26.1-401.fc27 has been pushed to the Fedora 27 stable repository. If
problems still persist, please make note of it in this bug report.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-26 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091


--- Doc Text *updated* by Eric Christensen  ---
A heap write buffer overflow was found in perl's S_regatom() function, which is 
used in the compilation of regular expressions, resulting in the crash of the 
perl interpreter. An attacker, able to provide a specially crafted regular 
expression, could cause a denial of service.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #4 from Cedric Buissart  ---
Acknowledgments:

Name: Sawyer X (Perl)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

 Status|NEW |CLOSED
 Resolution|--- |WONTFIX
Last Closed||2017-09-25 11:37:50



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #3 from Cedric Buissart  ---
Acknowledgments:

Name: Sawyer X (Perl security team)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091


--- Doc Text *updated* by Cedric Buissart  ---
A heap write buffer overflow  was found in perl's S_regatom() function, which 
is used in the compilation of regular expressions, resulting in the crash of 
the perl interpreter. An attacker able to provide a specially crafted regular 
expression could cause a denial of service.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091



--- Comment #2 from Cedric Buissart  ---
Statement:

This issue does not affect perl versions older than 5.18. Perl as shipped in
Red Hat Enterprise Linux 7 and older are not affected by this vulnerability.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

 Whiteboard|impact=low,public=20170912, |impact=low,public=20170912,
   |reported=20170913,source=up |reported=20170913,source=up
   |stream,cvss3=5.9/CVSS:3.0/A |stream,cvss3=5.9/CVSS:3.0/A
   |V:N/AC:H/PR:N/UI:N/S:U/C:N/ |V:N/AC:H/PR:N/UI:N/S:U/C:N/
   |I:N/A:H,cwe=CWE-122,rhel-5/ |I:N/A:H,cwe=CWE-122,rhel-5/
   |perl=new,rhel-6/perl=new,rh |perl=notaffected,rhel-6/per
   |el-7/perl=notaffected,rhscl |l=notaffected,rhel-7/perl=n
   |-2/rh-perl520-perl=wontfix, |otaffected,rhscl-2/rh-perl5
   |rhscl-2/rh-perl524-perl=won |20-perl=wontfix,rhscl-2/rh-
   |tfix,fedora-all/perl=affect |perl524-perl=wontfix,fedora
   |ed  |-all/perl=affected



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-25 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

 Whiteboard|impact=low,public=20170912, |impact=low,public=20170912,
   |reported=20170913,source=up |reported=20170913,source=up
   |stream,cvss3=5.9/CVSS:3.0/A |stream,cvss3=5.9/CVSS:3.0/A
   |V:N/AC:H/PR:N/UI:N/S:U/C:N/ |V:N/AC:H/PR:N/UI:N/S:U/C:N/
   |I:N/A:H,cwe=CWE-122,rhel-5/ |I:N/A:H,cwe=CWE-122,rhel-5/
   |perl=new,rhel-6/perl=new,rh |perl=new,rhel-6/perl=new,rh
   |el-7/perl=new,rhscl-2/rh-pe |el-7/perl=notaffected,rhscl
   |rl520-perl=new,rhscl-2/rh-p |-2/rh-perl520-perl=wontfix,
   |erl524-perl=new,fedora-all/ |rhscl-2/rh-perl524-perl=won
   |perl=affected   |tfix,fedora-all/perl=affect
   ||ed



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-19 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

 Whiteboard|impact=low,public=20170912, |impact=low,public=20170912,
   |reported=20170913,source=up |reported=20170913,source=up
   |stream,cvss3=5.9/CVSS:3.0/A |stream,cvss3=5.9/CVSS:3.0/A
   |V:N/AC:H/PR:N/UI:N/S:U/C:N/ |V:N/AC:H/PR:N/UI:N/S:U/C:N/
   |I:N/A:H,cwe=CWE-122,rhel-5/ |I:N/A:H,cwe=CWE-122,rhel-5/
   |perl=new,rhel-6/perl=new,rh |perl=new,rhel-6/perl=new,rh
   |el-7/perl=new,rhscl-2/rh-pe |el-7/perl=new,rhscl-2/rh-pe
   |rl520-perl=new,rhscl-2/rh-p |rl520-perl=new,rhscl-2/rh-p
   |erl524-perl=new,directory_s |erl524-perl=new,fedora-all/
   |erver_8/perl=new,fedora-all |perl=affected
   |/perl=affected  |



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-19 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

   Priority|medium  |low
 Whiteboard|impact=moderate,public=2017 |impact=low,public=20170912,
   |0912,reported=20170913,sour |reported=20170913,source=up
   |ce=debian,cvss3=5.9/CVSS:3. |stream,cvss3=5.9/CVSS:3.0/A
   |0/AV:N/AC:H/PR:N/UI:N/S:U/C |V:N/AC:H/PR:N/UI:N/S:U/C:N/
   |:N/I:N/A:H,cwe=CWE-122,rhel |I:N/A:H,cwe=CWE-122,rhel-5/
   |-5/perl=new,rhel-6/perl=new |perl=new,rhel-6/perl=new,rh
   |,rhel-7/perl=new,rhscl-2/rh |el-7/perl=new,rhscl-2/rh-pe
   |-perl520-perl=new,rhscl-2/r |rl520-perl=new,rhscl-2/rh-p
   |h-perl524-perl=new,director |erl524-perl=new,directory_s
   |y_server_8/perl=new,fedora- |erver_8/perl=new,fedora-all
   |all/perl=affected   |/perl=affected
   Severity|medium  |low



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-19 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Cedric Buissart  changed:

   What|Removed |Added

 Blocks||1489904



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-15 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Adam Mariš  changed:

   What|Removed |Added

 Blocks||1492097



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

2017-09-15 Thread bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

Adam Mariš  changed:

   What|Removed |Added

 Depends On||1492094



--- Comment #1 from Adam Mariš  ---
Created perl tracking bugs for this issue:

Affects: fedora-all [bug 1492094]


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1492094
[Bug 1492094] CVE-2017-12837 CVE-2017-12883 perl: various flaws
[fedora-all]
-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

[Bug 1492091] CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

17 matches

Site Navigation

Mail list logo

Footer information