Download
| Alert*
oval:org.secpod.oval:def:201611
Perl is a high-level programming language commonly used for system administration utilities and web programming. It was found that the "new" constructor of the Digest module used its argument as part of the string expression passed to the eval function. An attacker could possibly use this ... oval:org.secpod.oval:def:500238 Perl is a high-level programming language commonly used for system administration utilities and web programming. It was found that the "new" constructor of the Digest module used its argument as part of the string expression passed to the eval function. An attacker could possibly use this ... oval:org.secpod.oval:def:201479 Perl is a high-level programming language commonly used for system administration utilities and web programming. It was found that the "new" constructor of the Digest module used its argument as part of the string expression passed to the eval function. An attacker could possibly use this ... oval:org.secpod.oval:def:500203 Perl is a high-level programming language commonly used for system administration utilities and web programming. The Perl CGI module provides resources for preparing and processing Common Gateway Interface based HTTP requests and responses. It was found that the Perl CGI module used a hard-coded va ... oval:org.secpod.oval:def:500286 Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The File::Path module allows users to create and remove directory trees. The Safe modul ... oval:org.secpod.oval:def:201954 Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The File::Path module allows users to create and remove directory trees. The Safe modul ... oval:org.secpod.oval:def:201888 Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The File::Path module allows users to create and remove directory trees. The Safe modul ... oval:org.secpod.oval:def:1800088 perl is installed oval:org.secpod.oval:def:1801255 CVE-2018-16843: Excessive memory consumption via flaw in HTTP/2 implementation¶ Affected Versions:¶ nginx 1.9.5 - 1.15.5. Fixed In Version:¶ nginx 1.15.6, nginx 1.14.1 oval:org.secpod.oval:def:602327 David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution is not aff ... oval:org.secpod.oval:def:110284 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl"s hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl"s most common appli ... oval:org.secpod.oval:def:600572 Mark Martinec discovered that Perl incorrectly clears the tainted flag on values returned by case conversion functions such as "lc". This may expose preexisting vulnerabilities in applications which use these functions while processing untrusted input. No such applications are known at thi ... oval:org.secpod.oval:def:89002146 This update for perl fixes the following issues: Security issue fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c . - CVE-2018-6798: Fixed heap buffer overflow in regexec.c . oval:org.secpod.oval:def:703008 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:89044661 This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a regular expression with a " ... oval:org.secpod.oval:def:89002254 This update for perl fixes the following issues: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files . oval:org.secpod.oval:def:701739 perl is installed oval:org.secpod.oval:def:702942 perl: Practical Extraction and Report Language Perl incorrectly handled the taint attribute. oval:org.secpod.oval:def:110471 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl"s hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl"s most common appli ... oval:org.secpod.oval:def:600580 It was discovered that Perl"s Safe module - a module to compile and execute code in restricted compartments - could by bypassed. Please note that this update is known to break Petal, an XML-based templating engine . A fix is not yet available. If you use Petal, you might consider to put the previous ... oval:org.secpod.oval:def:49674 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:89003044 This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment . oval:org.secpod.oval:def:110250 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl"s hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl"s most common appli ... oval:org.secpod.oval:def:89044617 This update for perl fixes the following issues: Security issue fixed: - CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. ... oval:org.secpod.oval:def:203099 perl is installed oval:org.secpod.oval:def:1801090 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801091 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801087 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1801089 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. oval:org.secpod.oval:def:1601238 A heap-based buffer overflow flaw was found in the way Perl decoded Unicode strings. An attacker could create a malicious Unicode string that, when decoded by a Perl program, would cause the program to crash or, potentially, execute arbitrary code with the permissions of the user running the program ... oval:org.secpod.oval:def:3301266 SUSE Security Update: Security update for perl oval:org.secpod.oval:def:89045212 This update for perl fixes the following issues: - CVE-2016-6185: xsloader looking at a directory [bsc#988311] - CVE-2016-1238: searching current directory for optional modules [bsc#987887] - CVE-2015-8853: regex engine hanging on bad utf8 [bnc976584] - CVE-2016-2381: environment dup handling bug [ ... oval:org.secpod.oval:def:602400 Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl"s taint secu ... oval:org.secpod.oval:def:52724 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:1801260 CVE-2018-18311: Integer overflow leading to buffer overflow¶ A flaw was found in Perl versions 5.8.0 through 5.28. An Integer overflow leading to buffer overflow in Perl_my_setenv function in util.c Fixed In Version:¶ perl 5.29.1, perl 5.26.3 oval:org.secpod.oval:def:1600986 Perl has a buffer overflow via a crafted regular expression that triggers invalid write operations oval:org.secpod.oval:def:1801258 CVE-2018-18311: Integer overflow leading to buffer overflow¶ A flaw was found in Perl versions 5.8.0 through 5.28. An Integer overflow leading to buffer overflow in Perl_my_setenv function in util.c Fixed In Version:¶ perl 5.29.1, perl 5.26.3 oval:org.secpod.oval:def:1801259 CVE-2018-18311: Integer overflow leading to buffer overflow¶ A flaw was found in Perl versions 5.8.0 through 5.28. An Integer overflow leading to buffer overflow in Perl_my_setenv function in util.c Fixed In Version:¶ perl 5.29.1, perl 5.26.3 oval:org.secpod.oval:def:1800747 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:1800087 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:110885 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:110874 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:110869 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:111239 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:707829 perl: Practical Extraction and Report Language Details: USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. Original advisory Perl could be made to by pass signature verification. oval:org.secpod.oval:def:36409 The host is installed with Perl on RHEL 5, 6 or 7 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploiation could allow attackers to access directories without permissions. oval:org.secpod.oval:def:701086 perl: Larry Wall"s Practical Extraction and Report Language Perl programs could be made to crash or run programs if they receive specially crafted network traffic or other input. oval:org.secpod.oval:def:202651 Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to cr ... oval:org.secpod.oval:def:202650 Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to cr ... oval:org.secpod.oval:def:1503218 Updated perl packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for ... oval:org.secpod.oval:def:501032 Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to cr ... oval:org.secpod.oval:def:701223 perl: Practical Extraction and Report Language Perl could be made to stop responding if it received specially crafted input. oval:org.secpod.oval:def:600984 Yves Orton discovered a flaw in the rehashing code of Perl. This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys. Specifically an attacker could create a set of keys of a hash causing a denial of service via memory exhaustion. oval:org.secpod.oval:def:1500133 Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:1500136 Updated perl packages that fix multiple security issues now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availabl ... oval:org.secpod.oval:def:1600302 A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A denial of ... oval:org.secpod.oval:def:500250 Perl is a high-level programming language commonly used for system administration utilities and web programming. A heap-based buffer overflow flaw was found in the way Perl decoded Unicode strings. An attacker could create a malicious Unicode string that, when decoded by a Perl program, would cause ... oval:org.secpod.oval:def:600926 Two vulnerabilities were discovered in the implementation of the Perl programming language: CVE-2012-5195 The "x" operator could cause the Perl interpreter to crash if very long strings were created. CVE-2012-5526 The CGI module does not properly escape LF characters in the Set-Cookie and ... oval:org.secpod.oval:def:602570 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-1238 John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many ... oval:org.secpod.oval:def:52922 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:704051 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:602923 The cPanel Security Team reported a time of check to time of use race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to a attacker-chosen value. oval:org.secpod.oval:def:89047555 This update for perl fixes the following issues: - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition . oval:org.secpod.oval:def:205144 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: Integer overflow leading to buffer overflow in Perl_my_setenv For more details about the security issue, including the impact, a CVSS score, and other relat ... oval:org.secpod.oval:def:89049659 This update for perl fixes the following issues: Secuirty issues fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment . - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun . - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars . - CVE-20 ... oval:org.secpod.oval:def:51028 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:502593 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: Integer overflow leading to buffer overflow in Perl_my_setenv For more details about the security issue, including the impact, a CVSS score, and other relat ... oval:org.secpod.oval:def:115623 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:53470 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv l ... oval:org.secpod.oval:def:115585 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:1502422 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603581 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv l ... oval:org.secpod.oval:def:49675 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:52203 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:1700117 Perl has a buffer overflow via a crafted regular expression that triggers invalid write operations. oval:org.secpod.oval:def:603428 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:89049655 This update for perl fixes the following issues: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files oval:org.secpod.oval:def:53350 Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive. oval:org.secpod.oval:def:704204 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:113317 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:113675 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:52097 perl: Practical Extraction and Report Language Perl could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:113291 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:704227 perl: Practical Extraction and Report Language Perl could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:1800471 CVE-2017-12837: Heap-based buffer overflow in the regular expression compiler in PERL before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a crafted regular expression with the case-insensitive modifier. oval:org.secpod.oval:def:1800302 CVE-2016-1238: loading of modules from current directory Fixed In Version: perl 5.22.3, perl 5.24.1 oval:org.secpod.oval:def:53142 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-12837 Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote at ... oval:org.secpod.oval:def:603113 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-12837 Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote at ... oval:org.secpod.oval:def:1504640 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504893 [4:5.26.3-419] - Fix CVE-2020-10543 - Fix CVE-2020-10878 - Fix a file mode of a perl-example.stp example [4:5.26.3-418] - Fix CVE-2020-12723 oval:org.secpod.oval:def:2500226 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. oval:org.secpod.oval:def:4501273 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: heap-based buffer overflow in regular expression compiler leads to DoS * perl: corruption of intermediate language state of compiled regular expression due ... oval:org.secpod.oval:def:73595 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: heap-based buffer overflow in regular expression compiler leads to DoS * perl: corruption of intermediate language state of compiled regular expression due ... oval:org.secpod.oval:def:2003881 Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. oval:org.secpod.oval:def:2500323 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. oval:org.secpod.oval:def:1504617 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2003883 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. oval:org.secpod.oval:def:2003882 regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. oval:org.secpod.oval:def:205837 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: heap-based buffer overflow in regular expression compiler leads to DoS * perl: corruption of intermediate language state of compiled regular expression due ... oval:org.secpod.oval:def:19500260 HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates oval:org.secpod.oval:def:96344 perl: Practical Extraction and Report Language Perl could be made to install modules from untrusted sources. oval:org.secpod.oval:def:51536 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:89044012 This update for perl fixes the following issues: These security issue were fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c . - CVE-2018-6798: Fixed heap buffer overflow in regexec.c . - CVE-2018-6797: Fixed sharp-s regexp overflow . - CVE-2018-12015: The Archive::Tar module allow ... oval:org.secpod.oval:def:114477 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:114310 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:603362 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-6797 Brian Carpenter reported that a crafted regular expression could cause a heap buffer write overflow, with ... oval:org.secpod.oval:def:89002185 This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c . - CVE-2018-6798: Fixed heap buffer overflow in regexec.c . - CVE-2018-6797: Fixed sharp-s regexp overflow . oval:org.secpod.oval:def:114298 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most comm ... oval:org.secpod.oval:def:53303 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-6797 Brian Carpenter reported that a crafted regular expression could cause a heap buffer write overflow, with ... oval:org.secpod.oval:def:45091 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:45092 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:97565 [CLSA-2021:1632328234] Fixed CVE-2020-10878 in perl-5.10.1 oval:org.secpod.oval:def:97566 [CLSA-2021:1632328264] Fixed CVE-2020-10543 in perl-5.10.1 oval:org.secpod.oval:def:97653 [CLSA-2022:1657561005] Fixed CVE-2020-12723 in perl-5.10.1 oval:org.secpod.oval:def:97687 [CLSA-2022:1668120434] perl: Fix of CVE-2020-16156 oval:org.secpod.oval:def:1504873 [4:5.10.1-144.0.1] - Backport patch for CVE-2020-10543 [Orabug: 32855589] - Backport patch for CVE-2020-10878 [Orabug: 32855589] - Backport patch for CVE-2020-12723 [Orabug: 32855589] oval:org.secpod.oval:def:96491 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:126847 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl;s hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl;s most common appli ... oval:org.secpod.oval:def:96471 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:126896 Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common appli ... oval:org.secpod.oval:def:19500530 A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one-byte attacker controlled buffer overflow in a heap allocated buffer oval:org.secpod.oval:def:91496 perl: Practical Extraction and Report Language Details: USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Linux Mint 20.x LTS, Linux Mint 21.x LTS, Ubuntu 22.10, and Ubuntu 23.04. Original advisory Perl could be made to install modules from untrusted source ... oval:org.secpod.oval:def:89051445 This update for perl fixes the following issues: * CVE-2023-31484: Enable TLS cert verification in CPAN . oval:org.secpod.oval:def:19500088 HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates oval:org.secpod.oval:def:708213 perl: Practical Extraction and Report Language Details: USN-6112-1 fixed vulnerabilities in Perl. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. Original advisory Perl could be made to install modules from untrusted sources. |