CVSROOT: /cvs
Module name: src
Changes by: afre...@cvs.openbsd.org 2018/04/14 13:04:14
Modified files:
gnu/usr.bin/perl: pp_pack.c regcomp.c regexec.c
gnu/usr.bin/perl/t/lib/warnings: regexec
gnu/usr.bin/perl/t/op: pack.t
gnu/usr.bin/perl/t/re: re_tests
Log message:
Correct heap overflow bugs in perl
* RT #131844: [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
Reported by GwanYeong Kim, fixed by Tony Cook.
* RT #132063: [CVE-2018-6798] Heap-buffer-overflow in
Perl__byte_dump_string (utf8.c)
Reported by Nguyen Duc Manh, fixed by Karl Williamson, Yves Orton, and
Tony Cook.
* RT #132227: [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in
S_regatom (regcomp.c)
Reported by Brian Carpenter, fixed by Yves Orton, Karl Williamson, and
Tony Cook.
Many thanks to deraadt@ tj@ bluhm@ tb@ robert@
