Package "libcgi-fast-perl"
Name: |
libcgi-fast-perl
|
Description: |
CGI::Fast Perl module
|
Latest version: |
5.14.2-6ubuntu2.11 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
perl |
Links
Download "libcgi-fast-perl"
Other versions of "libcgi-fast-perl" in Precise
Changelog
perl (5.14.2-6ubuntu2.11) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: heap buffer overflow in regex compiler
- debian/patches/CVE-2020-10543.patch: prevent integer overflow
from nested regex quantifiers in regcomp.c.
- CVE-2020-10543
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/CVE-2020-10878.patch: extract
rck_elide_nothing in embed.fnc, embed.h, proto.h, regcomp.c.
- CVE-2020-10878
* SECURITY UPDATE: regex intermediate language state corruption
- debian/patches/CVE-2020-12723.patch: avoid mutating regexp
program within GOSUB in embed.fnc, embed.h, proto.h, regcomp.c,
t/re/pat.t.
- CVE-2020-12723
* debian/patches/fix_test_2020.patch: fix FTBFS caused by test
failing in the year 2020 in cpan/Time-Local/t/Local.t.
-- <email address hidden> (Leonidas S. Barbosa) Mon, 26 Oct 2020 09:21:23 -0300
|
Source diff to previous version |
CVE-2020-10543 |
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. |
CVE-2020-10878 |
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could l |
CVE-2020-12723 |
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. |
|
perl (5.14.2-6ubuntu2.5) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via regular expression invalid
backreference
- debian/patches/CVE-2013-7422.patch: properly handle big
backreferences in regcomp.c.
- CVE-2013-7422
* SECURITY UPDATE: denial of service in Data::Dumper
- debian/patches/CVE-2014-4330.patch: limit recursion in MANIFEST,
dist/Data-Dumper/Dumper.pm, dist/Data-Dumper/Dumper.xs,
dist/Data-Dumper/t/recurse.t.
- CVE-2014-4330
* SECURITY UPDATE: environment variable confusion issue
- debian/patches/CVE-2016-2381.patch: remove duplicate environment
variables from environ in perl.c.
- CVE-2016-2381
-- Marc Deslauriers <email address hidden> Tue, 01 Mar 2016 11:02:10 -0500
|
Source diff to previous version |
CVE-2013-7422 |
Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to ex |
CVE-2014-4330 |
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service ( |
|
perl (5.14.2-6ubuntu2.4) precise-security; urgency=medium
* SECURITY UPDATE: arbitrary command execution via _compile function in
Maketext.pm
- debian/patches/CVE-2012-6329.patch: escape backslashes and reject
method names with colons or apostrophes in
dist/Locale-Maketext/lib/Locale/Maketext.pm.
- CVE-2012-6329
-- Marc Deslauriers <email address hidden> Tue, 04 Feb 2014 16:02:26 -0500
|
Source diff to previous version |
CVE-2012-6329 |
The _compile function in Maketext.pm in the Locale::Maketext ... |
|
perl (5.14.2-6ubuntu2.3) precise-security; urgency=low
* SECURITY UPDATE: algorithmic complexity attack on hash keys
- debian/patches/CVE-2013-1667.patch: fix hsplit() in hv.c, fix tests
in ext/Hash-Util-FieldHash/t/10_hash.t, t/op/hash.t.
- CVE-2013-1667
-- Marc Deslauriers <email address hidden> Mon, 18 Mar 2013 10:48:33 -0400
|
Source diff to previous version |
CVE-2013-1667 |
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via |
|
perl (5.14.2-6ubuntu2.2) precise-security; urgency=low
* SECURITY UPDATE: Heap overflow in "x" operator (LP: #1069034)
- CVE-2012-5195
* SECURITY UPDATE: CGI.pm improper cookie and p3p CRLF escaping
- CVE-2012-5526
-- Seth Arnold <email address hidden> Mon, 26 Nov 2012 11:27:58 -0800
|
1069034 |
[CVE-2012-5195] heap buffer overrun with the 'x' string repeat operator |
CVE-2012-5195 |
perl: segfaults when echoing a very long string |
CVE-2012-5526 |
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inje |
|
About
-
Send Feedback to @ubuntu_updates