develooper Front page | perl.perl5.porters | Postings from April 2016

Re: [perl #123562] Regexp-matching "hangs" indefinitely on illegalinput using binmode :utf8 using 100%CPU

Thread Previous | Thread Next
From:
Dominic Hargreaves
Date:
April 23, 2016 09:50
Subject:
Re: [perl #123562] Regexp-matching "hangs" indefinitely on illegalinput using binmode :utf8 using 100%CPU
Message ID:
20160423095028.GN6520@urchin.earth.li
On Fri, Apr 22, 2016 at 11:25:36PM -0700, yves orton via RT wrote:
> On 22 April 2016 at 12:19, Dominic Hargreaves via RT
> <perlbug-followup@perl.org> wrote:
> > On Wed Apr 20 05:04:56 2016, dom wrote:
> >> This issue is being treated as a security issue by Debian; see
> >>
> >> http://www.openwall.com/lists/oss-security/2016/04/20/5
> >>
> >> If p5p agrees that this is a correct assessment (it seems so to me)
> >> then it should be queued for 5.20.4, I presume?
> >>
> >> The Debian bug reporter has rebased the patch for 5.20, but I haven't
> >> reviewed that:
> >>
> >> https://bugs.debian.org/821848
> >
> > This issue has been assigned CVE-2015-8853.
> 
> FYI: I pushed backport patches for Karls fix for 5.18.2 and 5.18.4
> 
> I can do other backports if needed.

Hi yves,

Do you mean 5.20.x for one of these? I couldn't see any pushes to either
maint-5.18 or maint-5.20, so wondering where these went.

Thanks for your work!

Dominic.

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About