Advisories ยป MGASA-2018-0049

Updated perl packages fix security vulnerability

Publication date: 03 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-12837 , CVE-2017-12883

Description

Jakub Wilk reported a heap buffer overflow flaw in the regular expression
compiler, allowing a remote attacker to cause a denial of service via a
specially crafted regular expression with the case-insensitive modifier
(CVE-2017-12837).

Jakub Wilk reported a buffer over-read flaw in the regular expression
parser, allowing a remote attacker to cause a denial of service or
information leak (CVE-2017-12883).
                

References

SRPMS

6/core