Advisories ยป MGASA-2016-0191

Updated perl packages fix security vulnerability

Publication date: 20 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8853

Description

The regex engine got into an infinite loop because of the malformation. It
is trying to back-up over a sequence of UTF-8 continuation bytes. The
character just before the sequence should be a start byte. If it's not,
there is a malformation which results in "hang" of regexp matching and CPU
exhaustion (CVE-2015-8853).
                

References

SRPMS

5/core