Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves four vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for perl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:2447-1 Rating: important References: #1068565 #1082216 #1082233 #1082234 #1096718 Cross-References: CVE-2018-12015 CVE-2018-6797 CVE-2018-6798 CVE-2018-6913 Affected Products: SUSE CaaS Platform 3.0 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for perl fixes the following issues: These security issue were fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216). - CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233). - CVE-2018-6797: Fixed sharp-s regexp overflow (bsc#1082234). - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718) This non-security issue was fixed: - fix debugger crash in tab completion with Term::ReadLine::Gnu [bsc#1068565] Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE CaaS Platform 3.0 (x86_64): perl-5.18.2-12.17.1 perl-base-5.18.2-12.17.1 perl-base-debuginfo-5.18.2-12.17.1 perl-debuginfo-5.18.2-12.17.1 perl-debugsource-5.18.2-12.17.1 References: https://www.suse.com/security/cve/CVE-2018-12015.html https://www.suse.com/security/cve/CVE-2018-6797.html https://www.suse.com/security/cve/CVE-2018-6798.html https://www.suse.com/security/cve/CVE-2018-6913.html https://bugzilla.suse.com/1068565 https://bugzilla.suse.com/1082216 https://bugzilla.suse.com/1082233 https://bugzilla.suse.com/1082234 https://bugzilla.suse.com/1096718 . Urgent security patch released for SUSE's perl targeting various vulnerabilities with comprehensive setup guidance.. perl security fix, SUSE patch, software vulnerability, SUSE CaaS update. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.