[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-23 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

errata-xmlrpc  changed:

What: External Bug ID
Removed: (empty)
Added: Red Hat Product Errata RHSA-2018:1192



-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org


[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-23 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #15 from errata-xmlrpc  ---
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS

Via RHSA-2018:1192 https://access.redhat.com/errata/RHSA-2018:1192



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-20 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783
Bug 1547783 depends on bug 1567778, which changed state.

Bug 1567778 Summary: CVE-2018-6797 perl: heap write overflow in regcomp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1567778

What: Status
Removed: ON_QA
Added: CLOSED

What: Resolution
Removed: ---
Added: ERRATA





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-19 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783


--- Doc Text *updated* by Cedric Buissart  ---
A heap buffer write overflow, with control over the bytes written, was found in 
the way regular expressions employing Unicode rules are compiled. An attacker, 
with the ability to provide a specially crafted regular expression, could crash 
the perl interpreter, or possibly execute arbitrary code.




[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-18 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #14 from Cedric Buissart  ---
Acknowledgments:

Name: Perl 5 Porters
Upstream: Brian Carpenter



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-17 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #13 from Cedric Buissart  ---
Acknowledgments:

Name: Sawyer X (Perl 5 Porters)
Upstream: Brian Carpenter



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Whiteboard
Removed: impact=moderate,public=20180414,reported=20180221,source=upstream,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=notaffected,rhel-6/perl=notaffected,rhel-7/perl=notaffected,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix
Added: impact=moderate,public=20180414,reported=20180221,source=upstream,cvss3=8.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=notaffected,rhel-6/perl=notaffected,rhel-7/perl=notaffected,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #12 from Cedric Buissart  ---
Acknowledgments:

Name: Brian Carpenter
Upstream: Sawyer X (Perl 5 Porters)



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #11 from Cedric Buissart  ---
Acknowledgments:

Name: Brian Carpenter
Upstream: Sawyer X (Perl)



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Whiteboard
Removed: impact=moderate,public=20180414,reported=20180221,source=internet,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=notaffected,rhel-6/perl=notaffected,rhel-7/perl=notaffected,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix
Added: impact=moderate,public=20180414,reported=20180221,source=upstream,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=notaffected,rhel-6/perl=notaffected,rhel-7/perl=notaffected,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Fixed In Version
Removed: (empty)
Added: perl 5.26.2, perl 5.24.4





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #9 from Cedric Buissart  ---
Statement:

Versions of the perl interpreter older than 5.18 are not vulnerable. As a
result, the versions of perl as shipped in Red Hat Enterprise Linux version 7,
6 and 5 are not affected by this vulnerability.



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783



--- Comment #10 from Cedric Buissart  ---
External References:

https://rt.perl.org/Public/Bug/Display.html?id=132227



[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Whiteboard
Removed: impact=moderate,public=20180414,reported=20180221,source=internet,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=new,rhel-6/perl=new,rhel-7/perl=new,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix
Added: impact=moderate,public=20180414,reported=20180221,source=internet,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=notaffected,rhel-6/perl=notaffected,rhel-7/perl=notaffected,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Depends On
Removed: (empty)
Added: 1567800





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Whiteboard
Removed: impact=moderate,public=20180414,reported=20180221,source=internet,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=new,rhel-6/perl=new,rhel-7/perl=new,rhel-8/perl=new,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix
Added: impact=moderate,public=20180414,reported=20180221,source=internet,cvss3=5.9/CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-787,fedora-all/perl=affected,rhel-5/perl=new,rhel-6/perl=new,rhel-7/perl=new,rhel-8/perl=affected,rhscl-3/rh-perl526-perl=affected,rhscl-3/rh-perl524-perl=affected,rhscl-3/rh-perl520-perl=wontfix





[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Depends On
Removed: (empty)
Added: 1567778



--- Comment #7 from Cedric Buissart  ---
Created perl tracking bugs for this issue:

Affects: fedora-all [bug 1567778]


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1567778
[Bug 1567778] CVE-2018-6797 perl: heap write overflow in regcomp.c [fedora-all]


[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c

2018-04-16 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1547783

Cedric Buissart  changed:

What: Group
Removed: security, qe_staff
Added: (empty)

What: CC
Removed: (empty)
Added: al...@redhat.com, caillon+fedoraproject@gmail.com, iarn...@gmail.com, ka...@ucw.cz, mbar...@fastmail.com, mmasl...@redhat.com, perl-devel@lists.fedoraproject.org, perl-maint-l...@redhat.com, psab...@redhat.com, rhug...@redhat.com, sandm...@redhat.com, tcall...@redhat.com

What: Summary
Removed: EMBARGOED CVE-2018-6797 perl: heap write overflow in regcomp.c
Added: CVE-2018-6797 perl: heap write overflow in regcomp.c


