ArchLinux: 201905-7: perl-email-address: denial of service
Summary
perl-email-address 1.909 is vulnerable to Algorithm Complexity problem and can cause Denial of Service when attacker prepares specially crafted input.
Resolution
Upgrade to 1.912-1.
# pacman -Syu "perl-email-address>=1.912-1"
The problem has been fixed upstream in version 1.912.
References
https://github.com/Perl-Email-Project/Email-Address/issues/19 https://www.openwall.com/lists/oss-security/2018/06/19/3 https://security.archlinux.org/CVE-2018-12558
Workaround
None.