Candidate: CVE-2014-0477
PublicDate: 2014-07-03 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477
 http://seclists.org/oss-sec/2014/q2/563
Description:
 The parse function in Email::Address module before 1.905 for Perl uses an
 inefficient regular expression, which allows remote attackers to cause a
 denial of service (CPU consumption) via an empty quoted string in an RFC
 2822 address.
Ubuntu-Description:
Notes:
 mdeslaur> fixes in both 1.904 and 1.905 (and maybe before?)
Bugs:
Priority: low
Discovered-by: Bastian Blank
Assigned-to:
CVSS: 

Patches_libemail-address-perl:
upstream_libemail-address-perl: released (1.905-1)
lucid_libemail-address-perl: ignored (reached end-of-life)
precise_libemail-address-perl: ignored (reached end-of-life)
precise/esm_libemail-address-perl: DNE (precise was needed)
saucy_libemail-address-perl: ignored (reached end-of-life)
trusty_libemail-address-perl: ignored (reached end-of-life)
trusty/esm_libemail-address-perl: DNE (trusty was needed)
utopic_libemail-address-perl: not-affected (1.905-2)
vivid_libemail-address-perl: not-affected (1.905-2)
vivid/stable-phone-overlay_libemail-address-perl: DNE
vivid/ubuntu-core_libemail-address-perl: DNE
wily_libemail-address-perl: not-affected (1.905-2)
xenial_libemail-address-perl: not-affected (1.905-2)
yakkety_libemail-address-perl: not-affected (1.905-2)
zesty_libemail-address-perl: not-affected (1.905-2)
artful_libemail-address-perl: not-affected (1.905-2)
bionic_libemail-address-perl: not-affected (1.905-2)
cosmic_libemail-address-perl: not-affected (1.905-2)
disco_libemail-address-perl: not-affected (1.905-2)
devel_libemail-address-perl: not-affected (1.905-2)