Advisories ยป MGASA-2018-0241

Updated perl packages fix security vulnerabilities

Publication date: 16 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-6797 , CVE-2018-6798 , CVE-2018-6913

Description

Brian Carpenter reported that a crafted regular expression could cause
a heap buffer write overflow, with control over the bytes written
(CVE-2018-6797).

Nguyen Duc Manh reported that matching a crafted locale dependent
regular expression can cause a heap-based buffer over-read and
potentially information disclosure (CVE-2018-6798).

GwanYeong Kim reported that 'pack()' could cause a heap buffer write
overflow with a large item count (CVE-2018-6913).
                

References

SRPMS

6/core