pkg-perl-maintainers team mailing list archive

Thread
Date

[Bug 1717367] Re: FTBFS: segfaults in testsuite with perl 5.26.0-7

To: pkg-perl-maintainers@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1717367@xxxxxxxxxxxxxxxxxx>
Date: Fri, 15 Sep 2017 21:18:26 -0000
Reply-to: Bug 1717367 <1717367@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package perl - 5.26.0-8ubuntu1

---------------
perl (5.26.0-8ubuntu1) artful; urgency=medium

  * Build-depend on libc6-dev (>= 2.26).
  * Restore the SIGUNUSED signal. LP: #1717367.
  * Changes can be dropped with the next perl ABI bump, or with a perl
    upstream fix to restore ABI compatibility with glibc-2.26.

perl (5.26.0-8) unstable; urgency=high

  * [SECURITY] CVE-2017-12837: Fix a heap buffer overflow in regular
    expression compiler. (Closes: #875596)
  * [SECURITY] CVE-2017-12883: Fix a buffer over-read in regular
    expression parser.   (Closes: #875597)

 -- Matthias Klose <doko@xxxxxxxxxx>  Fri, 15 Sep 2017 18:13:42 +0200

** Changed in: perl (Ubuntu)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12837

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12883

-- 
You received this bug notification because you are a member of Debian
Perl Group, which is subscribed to libanyevent-perl in Ubuntu.
https://bugs.launchpad.net/bugs/1717367

Title:
  FTBFS: segfaults in testsuite with perl 5.26.0-7

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1717367/+subscriptions

References

[Bug 1717367] [NEW] FTBFS: segfaults in testsuite with perl 5.26.0-7
From: Steve Langasek, 2017-09-14