Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 7 articles for you...
100
security advisorysecurity issueimportantSUSE: 2023:2400-3 Critical: Bci/Javascript-Engine Security Patch
The container bci/dotnet-sdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-sdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2395-1 Container Tags : bci/dotnet-sdk:7.0 , bci/dotnet-sdk:7.0-11.12 , bci/dotnet-sdk:7.0.9 , bci/dotnet-sdk:7.0.9-11.12 , bci/dotnet-sdk:latest Container Release : 11.12 Severity : important Type : security References : 1208721 1209229 1210999 1211828 1213237 CVE-2023-31484 CVE-2023-32001 ----------------------------------------------------------------- The container bci/dotnet-sdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2882-1 Released: Wed Jul 19 11:49:39 2023 Summary: Security update for perl Type: security Severity: important References: 1210999,CVE-2023-31484 This update for perl fixes the following issues: - CVE-2023-31484: Enable TLS cert verification in CPAN (bsc#1210999). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2885-1 Released: Wed Jul 19 16:58:43 2023 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1208721,1209229,1211828 This update for glibc fixes the following issues: - getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235) - Exclude static archives from preparation for live patching (bsc#1208721) - resolv_conf: release lock on allocation failure (bsc#1211828, BZ #30527) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2891-1 Released: Wed Jul 19 21:14:33 2023 Summary: Security update for curl Type: security Severity: moderate References: 1213237,CVE-2023-32001 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition(bsc#1213237). The following package changes have been done: - glibc-2.31-150300.52.2 updated - perl-base-5.26.1-150300.17.14.1 updated - libcurl4-8.0.1-150400.5.26.1 updated - container:sles15-image-15.0.0-36.5.18 updated . SUSE Container Update Notice outlines significant enhancements for bci/dotnet-sdk, curl, and perl, focusing on security improvements.. SUSE Container Update,bci/dotnet-sdk security,security updates,package changes. . Severity: Important. LinuxSecurity.com Team
Jul 22, 2023
•Important
SuSE
197
security advisorydebiantzdataDebian 10 Buster DLA-3135-1: Libdatetime-Timezone-Perl Update
This update includes the changes in tzdata 2022d for the Perl bindings. For the list of changes, see DLA-3134-1. For Debian 10 buster, this problem has been fixed in version . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3135-1
Oct 03, 2022
•Important
Debian LTS
100
security advisorysecurity fixmoderate severitySUSE: 2022:2257-1 Moderate Perl Update for SUSE/SLE15 Security
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:2257-1 Container Tags : bci/bci-base:15.4 , bci/bci-base:15.4.27.11.23 , suse/sle15:15.4 , suse/sle15:15.4.27.11.23 Container Release : 27.11.23 Severity : moderate Type : security References : 1047178 CVE-2017-6512 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3271-1 Released: Wed Sep 14 06:45:39 2022 Summary: Security update for perl Type: security Severity: moderate References: 1047178,CVE-2017-6512 This update for perl fixes the following issues: - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178). The following package changes have been done: - perl-base-5.26.1-150300.17.11.1 updated . SUSE has released a Container Update Advisory for suse/sle15, fixing several moderate vulnerabilities in the Perl language essential for secure container apps. SUSE Container,SUSE Security Update,Perl Security Patch,SUSE Advisory. . LinuxSecurity.com Team
Sep 16, 2022
SuSE
100
security advisorymoderate severitysecurity patchSUSE: 2022:2243-1 Moderate: bci/dotnet-aspnet and Perl Security Fix
The container bci/dotnet-aspnet was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:2243-1 Container Tags : bci/dotnet-aspnet:3.1 , bci/dotnet-aspnet:3.1-39.29 , bci/dotnet-aspnet:3.1.28 , bci/dotnet-aspnet:3.1.28-39.29 Container Release : 39.29 Severity : moderate Type : security References : 1047178 1199140 CVE-2017-6512 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3262-1 Released: Tue Sep 13 15:34:29 2022 Summary: Recommended update for gcc11 Type: recommended Severity: moderate References: 1199140 This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3271-1 Released: Wed Sep 14 06:45:39 2022 Summary: Security update for perl Type: security Severity: moderate References: 1047178,CVE-2017-6512 This update for perl fixes the following issues: - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178). The following package changes have been done: - perl-base-5.26.1-150300.17.11.1 updated - libgcc_s1-11.3.0+git1637-150000.1.11.2 updated - libstdc++6-11.3.0+git1637-150000.1.11.2 updated - container:sles15-image-15.0.0-27.11.23 updated . Stay informed with the latest BCI/DotNet-AspNet update report highlighting patched vulnerabilities, moderate updates, and GCC11 recommendations for optimal performance. SUSE Container Update, bci/dotnet-aspnet Update, Security Patches. . LinuxSecurity.com Team
Sep 15, 2022
SuSE
100
security advisorymoderate severityperl updateSUSE: 2022:819-1 Moderate: bci/openjdk Security Update Advisory
The container bci/openjdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/openjdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:819-1 Container Tags : bci/openjdk:11 , bci/openjdk:11-16.5 , bci/openjdk:latest Container Release : 16.5 Severity : moderate Type : security References : 1183533 1193489 CVE-2021-28153 ----------------------------------------------------------------- The container bci/openjdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1451-1 Released: Thu Apr 28 10:47:22 2022 Summary: Recommended update for perl Type: recommended Severity: moderate References: 1193489 This update for perl fixes the following issues: - Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1455-1 Released: Thu Apr 28 11:31:51 2022 Summary: Security update for glib2 Type: security Severity: low References: 1183533,CVE-2021-28153 This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files (bsc#1183533). The following package changes have been done: - libglib-2_0-0-2.62.6-150200.3.9.1 updated - perl-base-5.26.1-150300.17.3.1 updated - container:sles15-image-15.0.0-17.14.6 updated . SUSE Container Refresh for bci/python incorporates fixes for significant security vulnerabilities alongside updates to glibc and ruby.. SUSE Container Update,bci/openjdk,security patch,perl update,glib2 fix. . LinuxSecurity.com Team
Apr 29, 2022
SuSE
100
security advisorysecurity issuemoderate severitySUSE: 2022:795-1 Moderate Security Update for suse/sle15 Released
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:795-1 Container Tags : suse/sle15:15.2 , suse/sle15:15.2.9.5.129 Container Release : 9.5.129 Severity : moderate Type : security References : 1183533 1193489 CVE-2021-28153 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1452-1 Released: Thu Apr 28 10:48:06 2022 Summary: Recommended update for perl Type: recommended Severity: moderate References: 1193489 This update for perl fixes the following issues: - Fix Socket::VERSION evaluation and stabilize Socket:VERSION comparisons (bsc#1193489) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1455-1 Released: Thu Apr 28 11:31:51 2022 Summary: Security update for glib2 Type: security Severity: low References: 1183533,CVE-2021-28153 This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files (bsc#1183533). The following package changes have been done: - libglib-2_0-0-2.62.6-150200.3.9.1 updated - perl-base-5.26.1-150000.7.15.1 updated . Stay updated on critical patches and security vulnerabilities for SUSE/SLE15 containers; enhance system integrity and safeguard data effectively. SUSE Container, Security Advisory, glib2 Fixes, perl Update, Container Update. . LinuxSecurity.com Team
Apr 29, 2022
SuSE
98
security advisorymoderatesecurity issueRed Hat Enterprise Linux 8: RHSA-2021:0557-01 Moderate Perl DoS Fix
An update for perl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:0557-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0557 Issue date: 2021-02-16 CVE Names: CVE-2020-12723 ==================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 1838000 - CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS 6. Package List: Red Hat Enterprise Linux AppStream (v.8): aarch64: perl-5.26.3-417.el8_3.aarch64.rpm perl-Devel-Peek-1.26-417.el8_3.aarch64.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.aarch64.rpm perl-IO-debuginfo-1.38-417.el8_3.aarch64.rpm perl-Time-Piece-1.31-417.el8_3.aarch64.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.aarch64.rpm perl-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-debugsource-5.26.3-417.el8_3.aarch64.rpm perl-devel-5.26.3-417.el8_3.aarch64.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-libs-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-tests-5.26.3-417.el8_3.aarch64.rpm noarch: perl-Attribute-Handlers-0.99-417.el8_3.noarch.rpm perl-Devel-SelfStubber-1.06-417.el8_3.noarch.rpm perl-ExtUtils-Embed-1.34-417.el8_3.noarch.rpm perl-ExtUtils-Miniperl-1.06-417.el8_3.noarch.rpm perl-Locale-Maketext-Simple-0.21-417.el8_3.noarch.rpm perl-Memoize-1.03-417.el8_3.noarch.rpm perl-Module-Loaded-0.08-417.el8_3.noarch.rpm perl-Net-Ping-2.55-417.el8_3.noarch.rpm perl-Pod-Html-1.22.02-417.el8_3.noarch.rpm perl-SelfLoader-1.23-417.el8_3.noarch.rpm perl-Test-1.30-417.el8_3.noarch.rpm perl-libnetcfg-5.26.3-417.el8_3.noarch.rpm perl-open-1.11-417.el8_3.noarch.rpm perl-utils-5.26.3-417.el8_3.noarch.rpm ppc64le: perl-5.26.3-417.el8_3.ppc64le.rpm perl-Devel-Peek-1.26-417.el8_3.ppc64le.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.ppc64le.rpm perl-IO-debuginfo-1.38-417.el8_3.ppc64le.rpm perl-Time-Piece-1.31-417.el8_3.ppc64le.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.ppc64le.rpm perl-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-debugsource-5.26.3-417.el8_3.ppc64le.rpm perl-devel-5.26.3-417.el8_3.ppc64le.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-libs-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-tests-5.26.3-417.el8_3.ppc64le.rpm s390x: perl-5.26.3-417.el8_3.s390x.rpm perl-Devel-Peek-1.26-417.el8_3.s390x.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.s390x.rpm perl-IO-debuginfo-1.38-417.el8_3.s390x.rpm perl-Time-Piece-1.31-417.el8_3.s390x.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.s390x.rpm perl-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-debugsource-5.26.3-417.el8_3.s390x.rpm perl-devel-5.26.3-417.el8_3.s390x.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-libs-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-tests-5.26.3-417.el8_3.s390x.rpm x86_64: perl-5.26.3-417.el8_3.x86_64.rpm perl-Devel-Peek-1.26-417.el8_3.x86_64.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.i686.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.x86_64.rpm perl-IO-debuginfo-1.38-417.el8_3.i686.rpm perl-IO-debuginfo-1.38-417.el8_3.x86_64.rpm perl-Time-Piece-1.31-417.el8_3.x86_64.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.i686.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.x86_64.rpm perl-debuginfo-5.26.3-417.el8_3.i686.rpm perl-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-debugsource-5.26.3-417.el8_3.i686.rpm perl-debugsource-5.26.3-417.el8_3.x86_64.rpm perl-devel-5.26.3-417.el8_3.i686.rpm perl-devel-5.26.3-417.el8_3.x86_64.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.i686.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-libs-debuginfo-5.26.3-417.el8_3.i686.rpm perl-libs-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-tests-5.26.3-417.el8_3.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.8): Source: perl-5.26.3-417.el8_3.src.rpm aarch64: perl-Devel-Peek-debuginfo-1.26-417.el8_3.aarch64.rpm perl-Errno-1.28-417.el8_3.aarch64.rpm perl-IO-1.38-417.el8_3.aarch64.rpm perl-IO-debuginfo-1.38-417.el8_3.aarch64.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.aarch64.rpm perl-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-debugsource-5.26.3-417.el8_3.aarch64.rpm perl-interpreter-5.26.3-417.el8_3.aarch64.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-libs-5.26.3-417.el8_3.aarch64.rpm perl-libs-debuginfo-5.26.3-417.el8_3.aarch64.rpm perl-macros-5.26.3-417.el8_3.aarch64.rpm noarch: perl-IO-Zlib-1.10-417.el8_3.noarch.rpm perl-Math-Complex-1.59-417.el8_3.noarch.rpm ppc64le: perl-Devel-Peek-debuginfo-1.26-417.el8_3.ppc64le.rpm perl-Errno-1.28-417.el8_3.ppc64le.rpm perl-IO-1.38-417.el8_3.ppc64le.rpm perl-IO-debuginfo-1.38-417.el8_3.ppc64le.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.ppc64le.rpm perl-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-debugsource-5.26.3-417.el8_3.ppc64le.rpm perl-interpreter-5.26.3-417.el8_3.ppc64le.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-libs-5.26.3-417.el8_3.ppc64le.rpm perl-libs-debuginfo-5.26.3-417.el8_3.ppc64le.rpm perl-macros-5.26.3-417.el8_3.ppc64le.rpm s390x: perl-Devel-Peek-debuginfo-1.26-417.el8_3.s390x.rpm perl-Errno-1.28-417.el8_3.s390x.rpm perl-IO-1.38-417.el8_3.s390x.rpm perl-IO-debuginfo-1.38-417.el8_3.s390x.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.s390x.rpm perl-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-debugsource-5.26.3-417.el8_3.s390x.rpm perl-interpreter-5.26.3-417.el8_3.s390x.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-libs-5.26.3-417.el8_3.s390x.rpm perl-libs-debuginfo-5.26.3-417.el8_3.s390x.rpm perl-macros-5.26.3-417.el8_3.s390x.rpm x86_64: perl-Devel-Peek-debuginfo-1.26-417.el8_3.i686.rpm perl-Devel-Peek-debuginfo-1.26-417.el8_3.x86_64.rpm perl-Errno-1.28-417.el8_3.x86_64.rpm perl-IO-1.38-417.el8_3.x86_64.rpm perl-IO-debuginfo-1.38-417.el8_3.i686.rpm perl-IO-debuginfo-1.38-417.el8_3.x86_64.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.i686.rpm perl-Time-Piece-debuginfo-1.31-417.el8_3.x86_64.rpm perl-debuginfo-5.26.3-417.el8_3.i686.rpm perl-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-debugsource-5.26.3-417.el8_3.i686.rpm perl-debugsource-5.26.3-417.el8_3.x86_64.rpm perl-interpreter-5.26.3-417.el8_3.x86_64.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.i686.rpm perl-interpreter-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-libs-5.26.3-417.el8_3.i686.rpm perl-libs-5.26.3-417.el8_3.x86_64.rpm perl-libs-debuginfo-5.26.3-417.el8_3.i686.rpm perl-libs-debuginfo-5.26.3-417.el8_3.x86_64.rpm perl-macros-5.26.3-417.el8_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYCva3tzjgjWX9erEAQjasQ/+Lv1KDakUJejxTg+5872XgyzXI4B1G6+C SDYN3jf+SOxZX9IItq81YI3mEEMjjJBAFYbCk14G4cAwfH00I9nRzwXmBV/Rv2v0 xEa3UH9U7U4babwpTnR/DKPI98MKkE++4ot2rFVKadvK3FJ3RluZLavsjv87VT8X TtABjdtWNfQD4tAevlJKBZPQ4Pc450mUN5+ypZr/sLTkJee5f9JIbMVeYh6c9Mrj y8vN+z42yRwI500ki0RsW1OSH9lsySzRnllwCWCTy2xq1HwbSBsKI4v2asscZoYy BKcWObdkGVLZNIyArW+l3ba5KUKgvDkObGLypZd8yL8/C2RzYZMfOrLT0YmwqbRN gE75HcuGiTD4bX6ByrCGkoId+14uU25A8vZO0vJfcBfnjxi4cGbzOiaf99NeqqVq 2TqgeCx+7xso9vxMl1AyRycUO/dt3Iwcg2uR7QPFbZv1NC+SYo1Y0/skZAY+xtg8 OzpON0aKb2Otnv2VdjNZBSj1vty8mDwlEaoxH2N3Fe0LdPuWkexbj18e8vXI/gYM 26BcwxD7Lb4PlUNGrz42mhb0icpROdpyK+sMGWQJh7riM9XSeSaiGZzX0kytYeyw R+SLBsNS9/yyfjPNj40QbK5A+wAqpHMhaJlRnJuGqiMjUV+pLwhMrHbWUYaPDUH7 /5KvT4YzOzY=Il9H -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 16, 2021
Red Hat
98
security advisorymoderateupdateRed Hat RHEL 7 RHSA-2021:0343-01 Moderate: Perl DoS Threats
An update for perl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:0343-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0343 Issue date: 2021-02-02 CVE Names: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 ==================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of compiledregular expression due to integer overflow leads to DoS (CVE-2020-10878) * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1837975 - CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS 1837988 - CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS 1838000 - CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: perl-5.16.3-299.el7_9.src.rpm noarch: perl-CPAN-1.9800-299.el7_9.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm perl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpm perl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm perl-IO-Zlib-1.10-299.el7_9.noarch.rpm perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpm perl-Module-Loaded-0.08-299.el7_9.noarch.rpm perl-Object-Accessor-0.42-299.el7_9.noarch.rpm perl-Package-Constants-0.02-299.el7_9.noarch.rpm perl-Pod-Escapes-1.04-299.el7_9.noarch.rpm x86_64: perl-5.16.3-299.el7_9.x86_64.rpm perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm perl-core-5.16.3-299.el7_9.x86_64.rpm perl-debuginfo-5.16.3-299.el7_9.i686.rpm perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-devel-5.16.3-299.el7_9.i686.rpm perl-devel-5.16.3-299.el7_9.x86_64.rpm perl-libs-5.16.3-299.el7_9.i686.rpm perl-libs-5.16.3-299.el7_9.x86_64.rpm perl-macros-5.16.3-299.el7_9.x86_64.rpm RedHat Enterprise Linux Client Optional (v. 7): x86_64: perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-tests-5.16.3-299.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: perl-5.16.3-299.el7_9.src.rpm noarch: perl-CPAN-1.9800-299.el7_9.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm perl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpm perl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm perl-IO-Zlib-1.10-299.el7_9.noarch.rpm perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpm perl-Module-Loaded-0.08-299.el7_9.noarch.rpm perl-Object-Accessor-0.42-299.el7_9.noarch.rpm perl-Package-Constants-0.02-299.el7_9.noarch.rpm perl-Pod-Escapes-1.04-299.el7_9.noarch.rpm x86_64: perl-5.16.3-299.el7_9.x86_64.rpm perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm perl-core-5.16.3-299.el7_9.x86_64.rpm perl-debuginfo-5.16.3-299.el7_9.i686.rpm perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-devel-5.16.3-299.el7_9.i686.rpm perl-devel-5.16.3-299.el7_9.x86_64.rpm perl-libs-5.16.3-299.el7_9.i686.rpm perl-libs-5.16.3-299.el7_9.x86_64.rpm perl-macros-5.16.3-299.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-tests-5.16.3-299.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: perl-5.16.3-299.el7_9.src.rpm noarch: perl-CPAN-1.9800-299.el7_9.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm perl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpm perl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm perl-IO-Zlib-1.10-299.el7_9.noarch.rpm perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpm perl-Module-Loaded-0.08-299.el7_9.noarch.rpm perl-Object-Accessor-0.42-299.el7_9.noarch.rpm perl-Package-Constants-0.02-299.el7_9.noarch.rpm perl-Pod-Escapes-1.04-299.el7_9.noarch.rpm ppc64: perl-5.16.3-299.el7_9.ppc64.rpm perl-Time-Piece-1.20.1-299.el7_9.ppc64.rpm perl-core-5.16.3-299.el7_9.ppc64.rpm perl-debuginfo-5.16.3-299.el7_9.ppc.rpm perl-debuginfo-5.16.3-299.el7_9.ppc64.rpm perl-devel-5.16.3-299.el7_9.ppc.rpm perl-devel-5.16.3-299.el7_9.ppc64.rpm perl-libs-5.16.3-299.el7_9.ppc.rpm perl-libs-5.16.3-299.el7_9.ppc64.rpm perl-macros-5.16.3-299.el7_9.ppc64.rpm ppc64le: perl-5.16.3-299.el7_9.ppc64le.rpm perl-Time-Piece-1.20.1-299.el7_9.ppc64le.rpm perl-core-5.16.3-299.el7_9.ppc64le.rpm perl-debuginfo-5.16.3-299.el7_9.ppc64le.rpm perl-devel-5.16.3-299.el7_9.ppc64le.rpm perl-libs-5.16.3-299.el7_9.ppc64le.rpm perl-macros-5.16.3-299.el7_9.ppc64le.rpm s390x: perl-5.16.3-299.el7_9.s390x.rpm perl-Time-Piece-1.20.1-299.el7_9.s390x.rpm perl-core-5.16.3-299.el7_9.s390x.rpm perl-debuginfo-5.16.3-299.el7_9.s390.rpm perl-debuginfo-5.16.3-299.el7_9.s390x.rpm perl-devel-5.16.3-299.el7_9.s390.rpm perl-devel-5.16.3-299.el7_9.s390x.rpm perl-libs-5.16.3-299.el7_9.s390.rpm perl-libs-5.16.3-299.el7_9.s390x.rpm perl-macros-5.16.3-299.el7_9.s390x.rpm x86_64: perl-5.16.3-299.el7_9.x86_64.rpm perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm perl-core-5.16.3-299.el7_9.x86_64.rpm perl-debuginfo-5.16.3-299.el7_9.i686.rpm perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-devel-5.16.3-299.el7_9.i686.rpm perl-devel-5.16.3-299.el7_9.x86_64.rpm perl-libs-5.16.3-299.el7_9.i686.rpm perl-libs-5.16.3-299.el7_9.x86_64.rpm perl-macros-5.16.3-299.el7_9.x86_64.rpm Red HatEnterprise Linux Server Optional (v. 7): ppc64: perl-debuginfo-5.16.3-299.el7_9.ppc64.rpm perl-tests-5.16.3-299.el7_9.ppc64.rpm ppc64le: perl-debuginfo-5.16.3-299.el7_9.ppc64le.rpm perl-tests-5.16.3-299.el7_9.ppc64le.rpm s390x: perl-debuginfo-5.16.3-299.el7_9.s390x.rpm perl-tests-5.16.3-299.el7_9.s390x.rpm x86_64: perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-tests-5.16.3-299.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: perl-5.16.3-299.el7_9.src.rpm noarch: perl-CPAN-1.9800-299.el7_9.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm perl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpm perl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm perl-IO-Zlib-1.10-299.el7_9.noarch.rpm perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpm perl-Module-Loaded-0.08-299.el7_9.noarch.rpm perl-Object-Accessor-0.42-299.el7_9.noarch.rpm perl-Package-Constants-0.02-299.el7_9.noarch.rpm perl-Pod-Escapes-1.04-299.el7_9.noarch.rpm x86_64: perl-5.16.3-299.el7_9.x86_64.rpm perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm perl-core-5.16.3-299.el7_9.x86_64.rpm perl-debuginfo-5.16.3-299.el7_9.i686.rpm perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-devel-5.16.3-299.el7_9.i686.rpm perl-devel-5.16.3-299.el7_9.x86_64.rpm perl-libs-5.16.3-299.el7_9.i686.rpm perl-libs-5.16.3-299.el7_9.x86_64.rpm perl-macros-5.16.3-299.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm perl-tests-5.16.3-299.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYBlBRdzjgjWX9erEAQgfWQ/+Pzq//upZZVPBq5+myRLRJCef7277Y+9k 54oh8wOTwtwEMs9ye5Y1FDmAxVd4fWX3JgAss1KE86Hhm5OoCX/FJ0/RGguMR1l2 qwmWtfGuZjrn1SmjdHlf8B/bC0f20IadUUbY/8clpFiMxe5V1g8s9ZgbHv/MBWnm Awac/6LPc7Eb24OnIuTKLYEcQRxuBG1KdikM1NN1uJU5WHkbhZfKWFMnjKihsPGp 42vnomd0P7RdXNc4FbuNlkm2iw04woJyz1AYPdScswWJqawQSbre6+3wpnHlWs4K RerhKZiJLJsC0XmSpma62I4kYbVlniYPcbrF4Zfo1j1vIIvjmOL26B/3JsUVtwfm AKVuAu8DbNIkdSo2CS2gauLWsykukprPx16X8n8Xlb9Kr9iL/r2/sI/jUGce+50S aoe2Hb40VIX6sHPLiEmWP0ufuoDxJZ2mY9mhqAMGt/xCPrZ/Pst0y4hewJVo2AIf /LG758/KJWYBx2ILfBwA07O829irVDnbw5blT47fS3qiqAzXRTp56xkCCnLQ0BGQ Ip3DFIwNVxznKYOgubXJBGl3xYHI+P/bu8tcCAYMaN4hAHdFrqJbPMNLLGf37L73 N83csDc07k/WsKua5atl3suUuYRWxSq6CnV9KNU4aUaKEmu+de+D2k34vn2+le0S HB63T1smQXA=Oj1P -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 02, 2021
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!