For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. Upstream patch: https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f Bug report : https://rt.perl.org/Public/Bug/Display.html?id=131598
Created perl tracking bugs for this issue: Affects: fedora-all [bug 1492094]
Statement: Perl as shipped in Red Hat Enterprise Linux 7 and older have not been found to be vulnerable. This vulnerability was not present in perl versions older than 5.20.
perl-5.26.1-401.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
perl-5.24.3-395.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
perl-5.24.3-389.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.