UbuntuUpdates.org

Package "perl"

Name: perl

Description:

Larry Wall's Practical Extraction and Report Language
Latest version: 5.26.1-6ubuntu0.3
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: http://dev.perl.org/perl5/

Links

Save this URL for the latest version of "perl": https://www.ubuntuupdates.org/perl

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "perl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "perl" in Bionic

Repository Area Version
base main 5.26.1-6
security main 5.26.1-6ubuntu0.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.26.1-6ubuntu0.3 2018-12-03 20:06:55 UTC

  perl (5.26.1-6ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow leading to buffer overflow
    - debian/patches/fixes/CVE-2018-18311.patch: handle integer wrap in
      util.c.
    - CVE-2018-18311
  * SECURITY UPDATE: Heap-buffer-overflow write / reg_node overrun
    - debian/patches/fixes/CVE-2018-18312.patch: fix logic in regcomp.c.
    - CVE-2018-18312
  * SECURITY UPDATE: Heap-buffer-overflow read
    - debian/patches/fixes/CVE-2018-18313.patch: convert some strchr to
      memchr in regcomp.c.
    - CVE-2018-18313
  * SECURITY UPDATE: Heap-based buffer overflow
    - debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
      pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
      t/lib/warnings/regcomp, t/re/reg_mesg.t, t/re/regex_sets.t.
    - CVE-2018-18314

 -- Marc Deslauriers <email address hidden> Mon, 19 Nov 2018 10:54:44 -0500
Source diff to previous version
CVE-2018-18311 Integer overflow leading to buffer overflow and segmentation fault
CVE-2018-18312 Heap-buffer-overflow write in S_regatom (regcomp.c)
CVE-2018-18313 Heap-buffer-overflow read in regcomp.c
CVE-2018-18314 Heap-based buffer overflow

Version: 5.26.1-6ubuntu0.2 2018-07-23 18:06:39 UTC

  perl (5.26.1-6ubuntu0.2) bionic; urgency=high

  * No change rebuild to fix LP: #1574351

 -- Balint Reczey <email address hidden> Wed, 18 Jul 2018 16:21:03 +0200
Source diff to previous version
1574351 package libperl5.22 5.22.1-9 failed to install/upgrade: trying to overwrite shared '/usr/share/doc/libperl5.22/changelog.Debian.gz', which is differe

Version: 5.26.1-6ubuntu0.1 2018-06-13 18:07:00 UTC

  perl (5.26.1-6ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerability
    - debian/patches/fixes/CVE-2018-12015.patch: fix ing
      cpan/Archive-Tar/lib/Archive/Tar.pm.
    - CVE-2018-12015

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 12 Jun 2018 16:32:02 -0300
CVE-2018-12015 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary


About   -   Send Feedback to @ubuntu_updates