CVE-2018-18312

Priority
Description
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a
crafted regular expression that triggers invalid write operations.
Notes
 upstream> 5.18 - 5.28
 mdeslaur> looks to me like this was introduced by:
 mdeslaur> https://perl5.git.perl.org/perl.git/commit/6798c95dd27b33efd71f394c18649af7bbaf42b7
 mdeslaur> trusty doesn't look affected
Assigned-to
mdeslaur
Package
Source: perl (LP Ubuntu Debian)
Upstream:released (5.28.1-1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (5.18.2-2ubuntu1.6)
Ubuntu 16.04 LTS (Xenial Xerus):released (5.22.1-9ubuntu0.6)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.26.1-6ubuntu0.3)
Ubuntu 18.10 (Cosmic Cuttlefish):released (5.26.2-7ubuntu0.1)
Ubuntu 19.04 (Disco Dingo):pending (5.28.1-1)
More Information

Updated: 2018-12-12 13:14:25 UTC (commit 9bdb6d393d16e0897184b76368b890e67954fdf4)