Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 23 Apr 2008 12:29:20 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: Jonathan Smith <smithj@...ethemallocs.com>
cc: "Steven M. Christey" <coley@...us.mitre.org>,
        Florian Weimer <fw@...eb.enyo.de>, oss-security@...ts.openwall.com
Subject: Re: CVE request:Perl bug #48156


removing vendor-sec just in case, since oss-security is archived.

======================================================
Name: CVE-2008-1927
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
Reference: MISC:http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792

Double free vulnerability in Perl 5.8.8 allows context-dependent
attackers to cause a denial of service (memory corruption and crash)
via a crafted regular expression containing UTF8 characters.  NOTE:
this issue might only be present on certain operating systems.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.