Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 12.04 ESM, USN-4602-2 Moderate: Perl Denial Of Service

ubuntu
Calendar Grey October 27, 2020
Dist Ubuntu Esm H88
Security flaws in Perl patched in Ubuntu 12.04 and 14.04 ESM to prevent potential denial of service threats.
Several security issues were fixed in Perl.

Summary

Several security issues were fixed in Perl.

Software Description:

- perl: Practical Extraction and Report Language

Details:

USN-4602-1 fixed several vulnerabilities in Perl. This update provides

the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

ManhND discovered that Perl incorrectly handled certain regular

expressions. In environments where untrusted regular expressions are

evaluated, a remote attacker could possibly use this issue to cause Perl to

crash, resulting in a denial of service, or possibly execute arbitrary

code. (CVE-2020-10543)

Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly

handled certain regular expressions. In environments where untrusted

regular expressions are evaluated, a remote attacker could possibly use

this issue to cause Perl to crash, resulting in a denial of service, or

possibly execute arbitrary code. (CVE-2020-10878)

Sergey Aleynikov discovered that Perl incorrectly h...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  perl                            5.18.2-2ubuntu1.7+esm3

Ubuntu 12.04 ESM:
  perl                            5.14.2-6ubuntu2.11

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4602-2

https://ubuntu.com/security/notices/USN-4602-1

CVE-2020-10543, CVE-2020-10878, CVE-2020-12723

October 27, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here