Bug 443928 (CVE-2008-1927)
Summary: | CVE-2008-1927 perl: heap corruption by regular expressions with utf8 characters | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> | ||||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | unspecified | CC: | kasal, kreilly, mmaslano, rc040203, robin.norwood, tcallawa | ||||||||
Target Milestone: | --- | Keywords: | Security | ||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1927 | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2008-06-17 16:20:36 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | 449319, 449320, 449321, 449322, 449323, 449324, 466966, 466967 | ||||||||||
Bug Blocks: | 466968 | ||||||||||
Attachments: |
|
Description
Tomas Hoger
2008-04-24 07:10:09 UTC
Created attachment 303744 [details] Patch from DSA-1556-1 http://www.debian.org/security/2008/dsa-1556 http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=26;filename=27_fix_regcomp_utf8;att=1;bug=454792 Created attachment 303746 [details]
Test case extracted from Debian patch
Created attachment 303751 [details] Test case from Debian bug #454792 perl-5.8.8-39.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. perl-5.8.8-29.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report. it seems that segfaults can be produced in RHEL-3, RHEL-4, and RHEL-5 with test case attachment in #2. Is this issue being addressed for RHEL? This issue was addressed in: Red Hat Application Stack: http://rhn.redhat.com/errata/RHSA-2008-0532.html Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0522.html Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-3399 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-3392 This issue has been addressed in following products: Red Hat Certificate System 7.3 Via RHSA-2010:0602 https://rhn.redhat.com/errata/RHSA-2010-0602.html |