-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : perl Version : 5.20.2-3+deb8u12 CVE ID : CVE-2018-18311
Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. For Debian 8 "Jessie", this problem has been fixed in version 5.20.2-3+deb8u12. We recommend that you upgrade your perl packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlwBUsgACgkQnUbEiOQ2 gwIf2w/9G932X/2dDd4h4zqnEg4ccJnjEdAYYn8fmnEXnnAdTxT8UvUIcjCP22Ck Vj7iXOSzcMwe+5soFOV26xZiCI4mI+pfrUme+auR95ITvw9UY8vFoRhQYSLT14qK RTcE3govwcKSJ7nf53fIx9xAgoSUmhJBSepFUlY+4ZttDISvIYAUlTQ8HxYzRPsz cgnK4Df5KKCR+okx9p2QraXqvb+LWzruLUba5qcLN5GnPS2M610BaeEyuZ8p0wy2 WTX0jKUhVtBq4WdumidGf3g5LoUed1uhfRBJXsfCLj0hiS+bTyhganc1GEJSGXqv 1fEgrhPkRX3ozMX6xZOfkHe+hggZe7RVTZeGAvym5WvlLt72u75NLwWhz+oGutGN JeAvPCG3cULL0xHMORMfMKmso1zvhMWqpbtgVTxlIfxEbPD+iVrNvrgH5y6vXrVb bWM2fkCZBljwLAUWBSIAZYr/LND95F6fGwFWEr73tcpjOgAQzPp9YuW+wsEwQuLN JDqGobQs4lzgig6BnGUDccvBryVyyFdZhZfyTpv2edFPlDvZ0r7M2TJ7zNDTZ7UU WQXDugQdD0wjnamF7WnihtUkZujZkj0WUp+D4J4+VaN2TbdFreys1VQ3pluIcnUm 54WlBWcFc9orDCAac85HVgJtzDk1Pl5WC/Wp+51gtszvY7lVqcY= =hM7Q -----END PGP SIGNATURE-----
