forwarded 628836 http://rt.perl.org/rt3/Public/Bug/Display.html?id=76538 thanks
On Wed, Jun 01, 2011 at 07:21:50PM +0100, Dominic Hargreaves wrote: > Package: perl-debug > Severity: important > > Tags: security > > <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4777> > > Confirmed by Moritz on lenny and squeeze with debugperl from perl-debug > only; therefore it doesn't need a DSA. > > Apparently fixed in 5.14. Michael Schroeder noted in [perl #76538] that this still fails on 5.14.0 with -DDEBUGGING (our /usr/bin/debugperl from perl-debug): #!/usr/bin/debugperl my @x = ("AX=B","AAAAAAX="); utf8::upgrade($x[1]); for (@x) { m{^([^=]+?)X\s*=.+$}; print "-> $1\n"; } -- Niko Tyni [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
