develooper Front page | perl.perl5.porters | Postings from April 2016

Re: [perl #123562] Regexp-matching "hangs" indefinitely on illegalinput using binmode :utf8 using 100%CPU

Thread Previous | Thread Next
From:
Karl Williamson
Date:
April 23, 2016 18:39
Subject:
Re: [perl #123562] Regexp-matching "hangs" indefinitely on illegalinput using binmode :utf8 using 100%CPU
Message ID:
571BC151.2070103@khwilliamson.com
On 04/23/2016 03:50 AM, Dominic Hargreaves wrote:
> On Fri, Apr 22, 2016 at 11:25:36PM -0700, yves orton via RT wrote:
>> On 22 April 2016 at 12:19, Dominic Hargreaves via RT
>> <perlbug-followup@perl.org> wrote:
>>> On Wed Apr 20 05:04:56 2016, dom wrote:
>>>> This issue is being treated as a security issue by Debian; see
>>>>
>>>> http://www.openwall.com/lists/oss-security/2016/04/20/5
>>>>
>>>> If p5p agrees that this is a correct assessment (it seems so to me)
>>>> then it should be queued for 5.20.4, I presume?
>>>>
>>>> The Debian bug reporter has rebased the patch for 5.20, but I haven't
>>>> reviewed that:
>>>>
>>>> https://bugs.debian.org/821848
>>>
>>> This issue has been assigned CVE-2015-8853.
>>
>> FYI: I pushed backport patches for Karls fix for 5.18.2 and 5.18.4
>>
>> I can do other backports if needed.
>
> Hi yves,
>
> Do you mean 5.20.x for one of these? I couldn't see any pushes to either
> maint-5.18 or maint-5.20, so wondering where these went.
>
> Thanks for your work!
>
> Dominic.
>


Dominic,

He prudently is smoking them first

http://perl5.git.perl.org/perl.git/shortlog/refs/heads/smoke-me/rt_123562_5184

http://perl5.git.perl.org/perl.git/shortlog/refs/heads/smoke-me/rt_123562_5182

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About