[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 errata-xmlrpcchanged: What|Removed |Added External Bug ID||Red Hat Product Errata ||RHSA-2018:1192 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #15 from errata-xmlrpc--- This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Via RHSA-2018:1192 https://access.redhat.com/errata/RHSA-2018:1192 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Bug 1547783 depends on bug 1567778, which changed state. Bug 1567778 Summary: CVE-2018-6797 perl: heap write overflow in regcomp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1567778 What|Removed |Added Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Doc Text *updated* by Cedric Buissart--- A heap buffer write overflow, with control over the bytes written, was found in the way regular expressions employing Unicode rules are compiled. An attacker, with the ability to provide a specially crafted regular expression, could crash the perl interpreter, or possibly execute arbitrary code. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #14 from Cedric Buissart--- Acknowledgments: Name: Perl 5 Porters Upstream: Brian Carpenter -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #13 from Cedric Buissart--- Acknowledgments: Name: Sawyer X (Perl 5 Porters) Upstream: Brian Carpenter -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018 |0414,reported=20180221,sour |0414,reported=20180221,sour |ce=upstream,cvss3=5.9/CVSS: |ce=upstream,cvss3=8.1/CVSS: |3.0/AV:L/AC:L/PR:N/UI:N/S:U |3.0/AV:N/AC:H/PR:N/UI:N/S:U |/C:L/I:L/A:L,cwe=CWE-787,fe |/C:H/I:H/A:H,cwe=CWE-787,fe |dora-all/perl=affected,rhel |dora-all/perl=affected,rhel |-5/perl=notaffected,rhel-6/ |-5/perl=notaffected,rhel-6/ |perl=notaffected,rhel-7/per |perl=notaffected,rhel-7/per |l=notaffected,rhel-8/perl=a |l=notaffected,rhel-8/perl=a |ffected,rhscl-3/rh-perl526- |ffected,rhscl-3/rh-perl526- |perl=affected,rhscl-3/rh-pe |perl=affected,rhscl-3/rh-pe |rl524-perl=affected,rhscl-3 |rl524-perl=affected,rhscl-3 |/rh-perl520-perl=wontfix|/rh-perl520-perl=wontfix -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #12 from Cedric Buissart--- Acknowledgments: Name: Brian Carpenter Upstream: Sawyer X (Perl 5 Porters) -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #11 from Cedric Buissart--- Acknowledgments: Name: Brian Carpenter Upstream: Sawyer X (Perl) -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018 |0414,reported=20180221,sour |0414,reported=20180221,sour |ce=internet,cvss3=5.9/CVSS: |ce=upstream,cvss3=5.9/CVSS: |3.0/AV:L/AC:L/PR:N/UI:N/S:U |3.0/AV:L/AC:L/PR:N/UI:N/S:U |/C:L/I:L/A:L,cwe=CWE-787,fe |/C:L/I:L/A:L,cwe=CWE-787,fe |dora-all/perl=affected,rhel |dora-all/perl=affected,rhel |-5/perl=notaffected,rhel-6/ |-5/perl=notaffected,rhel-6/ |perl=notaffected,rhel-7/per |perl=notaffected,rhel-7/per |l=notaffected,rhel-8/perl=a |l=notaffected,rhel-8/perl=a |ffected,rhscl-3/rh-perl526- |ffected,rhscl-3/rh-perl526- |perl=affected,rhscl-3/rh-pe |perl=affected,rhscl-3/rh-pe |rl524-perl=affected,rhscl-3 |rl524-perl=affected,rhscl-3 |/rh-perl520-perl=wontfix|/rh-perl520-perl=wontfix -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Fixed In Version||perl 5.26.2, perl 5.24.4 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #9 from Cedric Buissart--- Statement: Versions of the perl interpreter older than 5.18 are not vulnerable. As a result, the versions of perl as shipped in Red Hat Enterprise Linux version 7, 6 and 5 are not affected by this vulnerability. -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 --- Comment #10 from Cedric Buissart--- External References: https://rt.perl.org/Public/Bug/Display.html?id=132227 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018 |0414,reported=20180221,sour |0414,reported=20180221,sour |ce=internet,cvss3=5.9/CVSS: |ce=internet,cvss3=5.9/CVSS: |3.0/AV:L/AC:L/PR:N/UI:N/S:U |3.0/AV:L/AC:L/PR:N/UI:N/S:U |/C:L/I:L/A:L,cwe=CWE-787,fe |/C:L/I:L/A:L,cwe=CWE-787,fe |dora-all/perl=affected,rhel |dora-all/perl=affected,rhel |-5/perl=new,rhel-6/perl=new |-5/perl=notaffected,rhel-6/ |,rhel-7/perl=new,rhel-8/per |perl=notaffected,rhel-7/per |l=affected,rhscl-3/rh-perl5 |l=notaffected,rhel-8/perl=a |26-perl=affected,rhscl-3/rh |ffected,rhscl-3/rh-perl526- |-perl524-perl=affected,rhsc |perl=affected,rhscl-3/rh-pe |l-3/rh-perl520-perl=wontfix |rl524-perl=affected,rhscl-3 ||/rh-perl520-perl=wontfix -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Depends On||1567800 -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Whiteboard|impact=moderate,public=2018 |impact=moderate,public=2018 |0414,reported=20180221,sour |0414,reported=20180221,sour |ce=internet,cvss3=5.9/CVSS: |ce=internet,cvss3=5.9/CVSS: |3.0/AV:L/AC:L/PR:N/UI:N/S:U |3.0/AV:L/AC:L/PR:N/UI:N/S:U |/C:L/I:L/A:L,cwe=CWE-787,fe |/C:L/I:L/A:L,cwe=CWE-787,fe |dora-all/perl=affected,rhel |dora-all/perl=affected,rhel |-5/perl=new,rhel-6/perl=new |-5/perl=new,rhel-6/perl=new |,rhel-7/perl=new,rhel-8/per |,rhel-7/perl=new,rhel-8/per |l=new,rhscl-3/rh-perl526-pe |l=affected,rhscl-3/rh-perl5 |rl=affected,rhscl-3/rh-perl |26-perl=affected,rhscl-3/rh |524-perl=affected,rhscl-3/r |-perl524-perl=affected,rhsc |h-perl520-perl=wontfix |l-3/rh-perl520-perl=wontfix -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Depends On||1567778 --- Comment #7 from Cedric Buissart --- Created perl tracking bugs for this issue: Affects: fedora-all [bug 1567778] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1567778 [Bug 1567778] CVE-2018-6797 perl: heap write overflow in regcomp.c [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
[Bug 1547783] CVE-2018-6797 perl: heap write overflow in regcomp.c
https://bugzilla.redhat.com/show_bug.cgi?id=1547783 Cedric Buissartchanged: What|Removed |Added Group|security, qe_staff | CC||al...@redhat.com, ||caillon+fedoraproject@gmail ||.com, iarn...@gmail.com, ||ka...@ucw.cz, ||mbar...@fastmail.com, ||mmasl...@redhat.com, ||perl-devel@lists.fedoraproj ||ect.org, ||perl-maint-l...@redhat.com, ||psab...@redhat.com, ||rhug...@redhat.com, ||sandm...@redhat.com, ||tcall...@redhat.com Summary|EMBARGOED CVE-2018-6797 |CVE-2018-6797 perl: heap |perl: heap write overflow |write overflow in regcomp.c |in regcomp.c| -- You are receiving this mail because: You are on the CC list for the bug. ___ perl-devel mailing list -- perl-devel@lists.fedoraproject.org To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org