Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 38: 2023-9ef8a60a05 critical: Perl buffer overflow fix

fedora
Calendar Grey December 17, 2023
Dist Fedora Esm H88
An update for Fedora 38 addresses CVE-2023-47039, concerning the handling of Python’s memory allocation strategies.
Security fix for CVE-2023-47038

Summary

Perl is a high-level programming language with roots in C, sed, awk and shell

scripting. Perl is good at handling processes and files, and is especially

good at handling text. Perl's hallmarks are practicality and efficiency.

While it is used to do a lot of different things, Perl's most common

applications are system administration utilities and web programming.

This is a metapackage with all the Perl bits and core modules that can be

found in the upstream tarball from perl.org.

If you need only a specific feature, you can install a specific package

instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,

install perl-interpreter package. See perl-interpreter description for more

details on the Perl decomposition into packages.

Update Information:

Security fix for CVE-2023-47038

Change Log

* Thu Nov 30 2023 Jitka Plesnikova - 4:5.36.3-498 - 5.36.3 bump (see or release notes)

References


[ 1 ] Bug #2251622 - CVE-2023-47038 perl: Write past buffer end via illegal user-defined Unicode property [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2251622

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-9ef8a60a05' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: perl
Product: Fedora 38
Version: 5.36.3
Release: 498.fc38
Summary: Practical Extraction and Report Language

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here