This update for perl fixes the following issues: Secuirty issues fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674). - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675). - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681). - CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2984=1 - SUSE Linux Enterprise Module for Basesystem 15:
#1114674 #1114675 #1114681 #1114686
Cross- CVE-2018-18311 CVE-2018-18312 CVE-2018-18313
CVE-2018-18314
Affected Products:
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Basesystem 15
https://www.suse.com/security/cve/CVE-2018-18311.html
https://www.suse.com/security/cve/CVE-2018-18312.html
https://www.suse.com/security/cve/CVE-2018-18313.html
https://www.suse.com/security/cve/CVE-2018-18314.html
https://bugzilla.suse.com/1114674
https://bugzilla.suse.com/1114675
https://bugzilla.suse.com/1114681
https://bugzilla.suse.com/1114686
Get the latest Linux and open source security news straight to your inbox.