develooper Front page | perl.perl5.porters | Postings from April 2016

[perl #123562] Regexp-matching "hangs" indefinitely on illegal inputusing binmode :utf8 using 100%CPU

Thread Next
From:
Dominic Hargreaves via RT
Date:
April 22, 2016 10:20
Subject:
[perl #123562] Regexp-matching "hangs" indefinitely on illegal inputusing binmode :utf8 using 100%CPU
Message ID:
rt-4.0.18-7495-1461320391-34.123562-15-0@perl.org
On Wed Apr 20 05:04:56 2016, dom wrote:
> This issue is being treated as a security issue by Debian; see
> 
> http://www.openwall.com/lists/oss-security/2016/04/20/5
> 
> If p5p agrees that this is a correct assessment (it seems so to me)
> then it should be queued for 5.20.4, I presume?
> 
> The Debian bug reporter has rebased the patch for 5.20, but I haven't
> reviewed that:
> 
> https://bugs.debian.org/821848

This issue has been assigned CVE-2015-8853.


---
via perlbug:  queue: perl5 status: pending release
https://rt.perl.org/Ticket/Display.html?id=123562

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About