RedHat: RHSA-2021-1678:01 Moderate: perl security and bug fix updat...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: perl security and bug fix update
Advisory ID:       RHSA-2021:1678-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1678
Issue date:        2021-05-18
CVE Names:         CVE-2020-10543 CVE-2020-10878 
=====================================================================

1. Summary:

An update for perl is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Perl is a high-level programming language that is commonly used for system
administration utilities and web programming.

Security Fix(es):

* perl: heap-based buffer overflow in regular expression compiler leads to
DoS (CVE-2020-10543)

* perl: corruption of intermediate language state of compiled regular
expression due to integer overflow leads to DoS (CVE-2020-10878)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1807120 - perl-5.26.3-416.el8 FTBFS: ../cpan/Time-Local/t/Local.t test fails in year 2020
1837975 - CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS
1837988 - CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
1903503 - perl-libs: Missing dependency on perl-Encode
1913693 - Not strict restrictive permissions in the doc folders: perl-devel

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:
perl-5.26.3-419.el8.aarch64.rpm
perl-Devel-Peek-1.26-419.el8.aarch64.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.aarch64.rpm
perl-IO-debuginfo-1.38-419.el8.aarch64.rpm
perl-Time-Piece-1.31-419.el8.aarch64.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.aarch64.rpm
perl-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-debugsource-5.26.3-419.el8.aarch64.rpm
perl-devel-5.26.3-419.el8.aarch64.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-libs-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-tests-5.26.3-419.el8.aarch64.rpm

noarch:
perl-Attribute-Handlers-0.99-419.el8.noarch.rpm
perl-Devel-SelfStubber-1.06-419.el8.noarch.rpm
perl-ExtUtils-Embed-1.34-419.el8.noarch.rpm
perl-ExtUtils-Miniperl-1.06-419.el8.noarch.rpm
perl-Locale-Maketext-Simple-0.21-419.el8.noarch.rpm
perl-Memoize-1.03-419.el8.noarch.rpm
perl-Module-Loaded-0.08-419.el8.noarch.rpm
perl-Net-Ping-2.55-419.el8.noarch.rpm
perl-Pod-Html-1.22.02-419.el8.noarch.rpm
perl-SelfLoader-1.23-419.el8.noarch.rpm
perl-Test-1.30-419.el8.noarch.rpm
perl-libnetcfg-5.26.3-419.el8.noarch.rpm
perl-open-1.11-419.el8.noarch.rpm
perl-utils-5.26.3-419.el8.noarch.rpm

ppc64le:
perl-5.26.3-419.el8.ppc64le.rpm
perl-Devel-Peek-1.26-419.el8.ppc64le.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.ppc64le.rpm
perl-IO-debuginfo-1.38-419.el8.ppc64le.rpm
perl-Time-Piece-1.31-419.el8.ppc64le.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.ppc64le.rpm
perl-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-debugsource-5.26.3-419.el8.ppc64le.rpm
perl-devel-5.26.3-419.el8.ppc64le.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-libs-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-tests-5.26.3-419.el8.ppc64le.rpm

s390x:
perl-5.26.3-419.el8.s390x.rpm
perl-Devel-Peek-1.26-419.el8.s390x.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.s390x.rpm
perl-IO-debuginfo-1.38-419.el8.s390x.rpm
perl-Time-Piece-1.31-419.el8.s390x.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.s390x.rpm
perl-debuginfo-5.26.3-419.el8.s390x.rpm
perl-debugsource-5.26.3-419.el8.s390x.rpm
perl-devel-5.26.3-419.el8.s390x.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.s390x.rpm
perl-libs-debuginfo-5.26.3-419.el8.s390x.rpm
perl-tests-5.26.3-419.el8.s390x.rpm

x86_64:
perl-5.26.3-419.el8.x86_64.rpm
perl-Devel-Peek-1.26-419.el8.x86_64.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.i686.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.x86_64.rpm
perl-IO-debuginfo-1.38-419.el8.i686.rpm
perl-IO-debuginfo-1.38-419.el8.x86_64.rpm
perl-Time-Piece-1.31-419.el8.x86_64.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.i686.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.x86_64.rpm
perl-debuginfo-5.26.3-419.el8.i686.rpm
perl-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-debugsource-5.26.3-419.el8.i686.rpm
perl-debugsource-5.26.3-419.el8.x86_64.rpm
perl-devel-5.26.3-419.el8.i686.rpm
perl-devel-5.26.3-419.el8.x86_64.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.i686.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-libs-debuginfo-5.26.3-419.el8.i686.rpm
perl-libs-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-tests-5.26.3-419.el8.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
perl-5.26.3-419.el8.src.rpm

aarch64:
perl-Devel-Peek-debuginfo-1.26-419.el8.aarch64.rpm
perl-Errno-1.28-419.el8.aarch64.rpm
perl-IO-1.38-419.el8.aarch64.rpm
perl-IO-debuginfo-1.38-419.el8.aarch64.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.aarch64.rpm
perl-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-debugsource-5.26.3-419.el8.aarch64.rpm
perl-interpreter-5.26.3-419.el8.aarch64.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-libs-5.26.3-419.el8.aarch64.rpm
perl-libs-debuginfo-5.26.3-419.el8.aarch64.rpm
perl-macros-5.26.3-419.el8.aarch64.rpm

noarch:
perl-IO-Zlib-1.10-419.el8.noarch.rpm
perl-Math-Complex-1.59-419.el8.noarch.rpm

ppc64le:
perl-Devel-Peek-debuginfo-1.26-419.el8.ppc64le.rpm
perl-Errno-1.28-419.el8.ppc64le.rpm
perl-IO-1.38-419.el8.ppc64le.rpm
perl-IO-debuginfo-1.38-419.el8.ppc64le.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.ppc64le.rpm
perl-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-debugsource-5.26.3-419.el8.ppc64le.rpm
perl-interpreter-5.26.3-419.el8.ppc64le.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-libs-5.26.3-419.el8.ppc64le.rpm
perl-libs-debuginfo-5.26.3-419.el8.ppc64le.rpm
perl-macros-5.26.3-419.el8.ppc64le.rpm

s390x:
perl-Devel-Peek-debuginfo-1.26-419.el8.s390x.rpm
perl-Errno-1.28-419.el8.s390x.rpm
perl-IO-1.38-419.el8.s390x.rpm
perl-IO-debuginfo-1.38-419.el8.s390x.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.s390x.rpm
perl-debuginfo-5.26.3-419.el8.s390x.rpm
perl-debugsource-5.26.3-419.el8.s390x.rpm
perl-interpreter-5.26.3-419.el8.s390x.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.s390x.rpm
perl-libs-5.26.3-419.el8.s390x.rpm
perl-libs-debuginfo-5.26.3-419.el8.s390x.rpm
perl-macros-5.26.3-419.el8.s390x.rpm

x86_64:
perl-Devel-Peek-debuginfo-1.26-419.el8.i686.rpm
perl-Devel-Peek-debuginfo-1.26-419.el8.x86_64.rpm
perl-Errno-1.28-419.el8.x86_64.rpm
perl-IO-1.38-419.el8.x86_64.rpm
perl-IO-debuginfo-1.38-419.el8.i686.rpm
perl-IO-debuginfo-1.38-419.el8.x86_64.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.i686.rpm
perl-Time-Piece-debuginfo-1.31-419.el8.x86_64.rpm
perl-debuginfo-5.26.3-419.el8.i686.rpm
perl-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-debugsource-5.26.3-419.el8.i686.rpm
perl-debugsource-5.26.3-419.el8.x86_64.rpm
perl-interpreter-5.26.3-419.el8.x86_64.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.i686.rpm
perl-interpreter-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-libs-5.26.3-419.el8.i686.rpm
perl-libs-5.26.3-419.el8.x86_64.rpm
perl-libs-debuginfo-5.26.3-419.el8.i686.rpm
perl-libs-debuginfo-5.26.3-419.el8.x86_64.rpm
perl-macros-5.26.3-419.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10543
https://access.redhat.com/security/cve/CVE-2020-10878
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYKPwadzjgjWX9erEAQifRw//Rks+ynA275SEEFVbilctrs3xXV3eJ1IM
9eABy/XbleR5sAi/myiqzgutMacc/UmoLcFym5z0LXYX62vjx3ynLjENYw6jxQfk
jzU96o4TVyXCjQM3dhjbgIhfDMnMCWzwFz8un7HE03u9TUYg/uoK4MyNTaYoRwhe
kKLQZS01KuuGrHhfU92uayOfyNhcXJE4UB3tdBgYK+hsTx2c9rzOXlO8nrMfLPar
jyTqX9zM5z5/q2rzypSYYj1v9Otdlc3EHN6pJ0VQ9ljcryPzT3sby5uLMRLFM6XW
LDVOG6rQxXPiyaVVSuBSRQT1Ye41MlkMr8oc5TTlcqtDl/8/mLsXrFEKgvlEzePM
lTANneW5oXrXPJul89y+qro2cCbQDBPUiy0KbhsU4scwnRqo3Dr7ofJTjD1lNDlo
nl12bAUmIamzKH9BA5poCduvjt0yClsxv/meFCnO1eS5uF5c0YeI5zbQ3FOzBri0
Suj3RZg75Fop2MvJa5JaJNVTE3M2ZoiGgUStVJc8ErMymsS03xpVduRGcB0rz+g/
CGL7e4bMQOT/XEEN7V3yVCYubWuESxbBQw+FlT6Khk5FAqtnMMLrlZzU7HPSz+sz
IHycyyrP3Io9Eyk1O9a3LBVfMaBSWYUB9Ux73nac5MCK93vx9q1Un3xESf5sUJ3F
gxKSqsc6G0Q=
=4I2W
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2021-1678:01 Moderate: perl security and bug fix update

An update for perl is now available for Red Hat Enterprise Linux 8

Summary

Perl is a high-level programming language that is commonly used for system administration utilities and web programming.
Security Fix(es):
* perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543)
* perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

Package List

Red Hat Enterprise Linux AppStream (v. 8):
aarch64: perl-5.26.3-419.el8.aarch64.rpm perl-Devel-Peek-1.26-419.el8.aarch64.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.aarch64.rpm perl-IO-debuginfo-1.38-419.el8.aarch64.rpm perl-Time-Piece-1.31-419.el8.aarch64.rpm perl-Time-Piece-debuginfo-1.31-419.el8.aarch64.rpm perl-debuginfo-5.26.3-419.el8.aarch64.rpm perl-debugsource-5.26.3-419.el8.aarch64.rpm perl-devel-5.26.3-419.el8.aarch64.rpm perl-interpreter-debuginfo-5.26.3-419.el8.aarch64.rpm perl-libs-debuginfo-5.26.3-419.el8.aarch64.rpm perl-tests-5.26.3-419.el8.aarch64.rpm
noarch: perl-Attribute-Handlers-0.99-419.el8.noarch.rpm perl-Devel-SelfStubber-1.06-419.el8.noarch.rpm perl-ExtUtils-Embed-1.34-419.el8.noarch.rpm perl-ExtUtils-Miniperl-1.06-419.el8.noarch.rpm perl-Locale-Maketext-Simple-0.21-419.el8.noarch.rpm perl-Memoize-1.03-419.el8.noarch.rpm perl-Module-Loaded-0.08-419.el8.noarch.rpm perl-Net-Ping-2.55-419.el8.noarch.rpm perl-Pod-Html-1.22.02-419.el8.noarch.rpm perl-SelfLoader-1.23-419.el8.noarch.rpm perl-Test-1.30-419.el8.noarch.rpm perl-libnetcfg-5.26.3-419.el8.noarch.rpm perl-open-1.11-419.el8.noarch.rpm perl-utils-5.26.3-419.el8.noarch.rpm
ppc64le: perl-5.26.3-419.el8.ppc64le.rpm perl-Devel-Peek-1.26-419.el8.ppc64le.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.ppc64le.rpm perl-IO-debuginfo-1.38-419.el8.ppc64le.rpm perl-Time-Piece-1.31-419.el8.ppc64le.rpm perl-Time-Piece-debuginfo-1.31-419.el8.ppc64le.rpm perl-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-debugsource-5.26.3-419.el8.ppc64le.rpm perl-devel-5.26.3-419.el8.ppc64le.rpm perl-interpreter-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-libs-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-tests-5.26.3-419.el8.ppc64le.rpm
s390x: perl-5.26.3-419.el8.s390x.rpm perl-Devel-Peek-1.26-419.el8.s390x.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.s390x.rpm perl-IO-debuginfo-1.38-419.el8.s390x.rpm perl-Time-Piece-1.31-419.el8.s390x.rpm perl-Time-Piece-debuginfo-1.31-419.el8.s390x.rpm perl-debuginfo-5.26.3-419.el8.s390x.rpm perl-debugsource-5.26.3-419.el8.s390x.rpm perl-devel-5.26.3-419.el8.s390x.rpm perl-interpreter-debuginfo-5.26.3-419.el8.s390x.rpm perl-libs-debuginfo-5.26.3-419.el8.s390x.rpm perl-tests-5.26.3-419.el8.s390x.rpm
x86_64: perl-5.26.3-419.el8.x86_64.rpm perl-Devel-Peek-1.26-419.el8.x86_64.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.i686.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.x86_64.rpm perl-IO-debuginfo-1.38-419.el8.i686.rpm perl-IO-debuginfo-1.38-419.el8.x86_64.rpm perl-Time-Piece-1.31-419.el8.x86_64.rpm perl-Time-Piece-debuginfo-1.31-419.el8.i686.rpm perl-Time-Piece-debuginfo-1.31-419.el8.x86_64.rpm perl-debuginfo-5.26.3-419.el8.i686.rpm perl-debuginfo-5.26.3-419.el8.x86_64.rpm perl-debugsource-5.26.3-419.el8.i686.rpm perl-debugsource-5.26.3-419.el8.x86_64.rpm perl-devel-5.26.3-419.el8.i686.rpm perl-devel-5.26.3-419.el8.x86_64.rpm perl-interpreter-debuginfo-5.26.3-419.el8.i686.rpm perl-interpreter-debuginfo-5.26.3-419.el8.x86_64.rpm perl-libs-debuginfo-5.26.3-419.el8.i686.rpm perl-libs-debuginfo-5.26.3-419.el8.x86_64.rpm perl-tests-5.26.3-419.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source: perl-5.26.3-419.el8.src.rpm
aarch64: perl-Devel-Peek-debuginfo-1.26-419.el8.aarch64.rpm perl-Errno-1.28-419.el8.aarch64.rpm perl-IO-1.38-419.el8.aarch64.rpm perl-IO-debuginfo-1.38-419.el8.aarch64.rpm perl-Time-Piece-debuginfo-1.31-419.el8.aarch64.rpm perl-debuginfo-5.26.3-419.el8.aarch64.rpm perl-debugsource-5.26.3-419.el8.aarch64.rpm perl-interpreter-5.26.3-419.el8.aarch64.rpm perl-interpreter-debuginfo-5.26.3-419.el8.aarch64.rpm perl-libs-5.26.3-419.el8.aarch64.rpm perl-libs-debuginfo-5.26.3-419.el8.aarch64.rpm perl-macros-5.26.3-419.el8.aarch64.rpm
noarch: perl-IO-Zlib-1.10-419.el8.noarch.rpm perl-Math-Complex-1.59-419.el8.noarch.rpm
ppc64le: perl-Devel-Peek-debuginfo-1.26-419.el8.ppc64le.rpm perl-Errno-1.28-419.el8.ppc64le.rpm perl-IO-1.38-419.el8.ppc64le.rpm perl-IO-debuginfo-1.38-419.el8.ppc64le.rpm perl-Time-Piece-debuginfo-1.31-419.el8.ppc64le.rpm perl-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-debugsource-5.26.3-419.el8.ppc64le.rpm perl-interpreter-5.26.3-419.el8.ppc64le.rpm perl-interpreter-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-libs-5.26.3-419.el8.ppc64le.rpm perl-libs-debuginfo-5.26.3-419.el8.ppc64le.rpm perl-macros-5.26.3-419.el8.ppc64le.rpm
s390x: perl-Devel-Peek-debuginfo-1.26-419.el8.s390x.rpm perl-Errno-1.28-419.el8.s390x.rpm perl-IO-1.38-419.el8.s390x.rpm perl-IO-debuginfo-1.38-419.el8.s390x.rpm perl-Time-Piece-debuginfo-1.31-419.el8.s390x.rpm perl-debuginfo-5.26.3-419.el8.s390x.rpm perl-debugsource-5.26.3-419.el8.s390x.rpm perl-interpreter-5.26.3-419.el8.s390x.rpm perl-interpreter-debuginfo-5.26.3-419.el8.s390x.rpm perl-libs-5.26.3-419.el8.s390x.rpm perl-libs-debuginfo-5.26.3-419.el8.s390x.rpm perl-macros-5.26.3-419.el8.s390x.rpm
x86_64: perl-Devel-Peek-debuginfo-1.26-419.el8.i686.rpm perl-Devel-Peek-debuginfo-1.26-419.el8.x86_64.rpm perl-Errno-1.28-419.el8.x86_64.rpm perl-IO-1.38-419.el8.x86_64.rpm perl-IO-debuginfo-1.38-419.el8.i686.rpm perl-IO-debuginfo-1.38-419.el8.x86_64.rpm perl-Time-Piece-debuginfo-1.31-419.el8.i686.rpm perl-Time-Piece-debuginfo-1.31-419.el8.x86_64.rpm perl-debuginfo-5.26.3-419.el8.i686.rpm perl-debuginfo-5.26.3-419.el8.x86_64.rpm perl-debugsource-5.26.3-419.el8.i686.rpm perl-debugsource-5.26.3-419.el8.x86_64.rpm perl-interpreter-5.26.3-419.el8.x86_64.rpm perl-interpreter-debuginfo-5.26.3-419.el8.i686.rpm perl-interpreter-debuginfo-5.26.3-419.el8.x86_64.rpm perl-libs-5.26.3-419.el8.i686.rpm perl-libs-5.26.3-419.el8.x86_64.rpm perl-libs-debuginfo-5.26.3-419.el8.i686.rpm perl-libs-debuginfo-5.26.3-419.el8.x86_64.rpm perl-macros-5.26.3-419.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2021:1678-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1678
Issued Date: : 2021-05-18
CVE Names: CVE-2020-10543 CVE-2020-10878

Topic

An update for perl is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1807120 - perl-5.26.3-416.el8 FTBFS: ../cpan/Time-Local/t/Local.t test fails in year 2020

1837975 - CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS

1837988 - CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS

1903503 - perl-libs: Missing dependency on perl-Encode

1913693 - Not strict restrictive permissions in the doc folders: perl-devel

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.