Date: Wed, 23 Apr 2008 12:29:20 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: Jonathan Smith <smithj@...ethemallocs.com> cc: "Steven M. Christey" <coley@...us.mitre.org>, Florian Weimer <fw@...eb.enyo.de>, oss-security@...ts.openwall.com Subject: Re: CVE request:Perl bug #48156 removing vendor-sec just in case, since oss-security is archived. ====================================================== Name: CVE-2008-1927 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 Reference: MISC:http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792 Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.