severity 689314 grave retitle 689314 perl: segfaults when echoing a very long string [CVE-2012-5195] tag 689314 upstream security patch thanks
On Mon, Oct 01, 2012 at 04:11:00PM +0200, Thorsten Glaser wrote: > Package: perl > Version: 5.14.2-13 > Severity: normal > > # perl -le 'print "v"x(2**31+1) ."=1"' > > Segmentation fault This has security impact and has been assigned CVE-2012-5195. See http://www.nntp.perl.org/group/perl.perl5.porters/2012/10/msg193886.html http://perl5.git.perl.org/perl.git/commit/b675304e3fdbcce3ef853b06b6ebe870d99faa7e It's not quite clear yet if 5.10.1 (squeeze) is affected. I'll upload a fix to sid/wheezy shortly. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
