Incoming details.
[CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c) [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) [CVE-2018-6913] heap-buffer-overflow in S_pack_rec
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24ba795334144fc8887cc7d9e5b61e55725c93a4 commit 24ba795334144fc8887cc7d9e5b61e55725c93a4 Author: Kent Fredric <kentnl@gentoo.org> AuthorDate: 2018-04-17 05:03:07 +0000 Commit: Kent Fredric <kentnl@gentoo.org> CommitDate: 2018-04-23 18:27:25 +0000 dev-lang/perl: Bump to version 5.26.2 - Update to perlcross 1.1.9 - Fold no-nsl patches into tarball - Sync 5.26.9999 ebuild with non-maintainer commits Upstream: - Fix for [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c) - Fix for [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) - Fix for [CVE-2018-6913] heap-buffer-overflow in S_pack_rec - Fix for Assertion failure in Perl__core_swash_init (utf8.c) - Updated Modules: * PerlIO::via -> 0.17 * Term::ReadLine -> 1.17 * Unicode::UCD -> 0.69 - Documentation fixes in perluniprops - Fix win32 VC++ compiler detection on non-english systems - Set correct $Config{libpth} w/ VC++ < 14.1 - Prevent readpipe() corrupting stack at runtime via scalar check at compile time - Fixed a use after free bug in pp_list - Fix a use-after-free w/ sub keyword followed by newlines and comments - Tokenizer correctly adjusts parse pointer when skipping whitespace in an identifier - Accesses to ${^LAST_FH} no longer asserts after IO ops on non-glob - Sort correctly reference counts aliased $a and $b - Certain convoluted regexps no longer cause arithmetic overflow when compiled - Fix duplicate symbol failure with -flto -mieee-fp - Fix null pointer deref in S_regmatch - Escallate compilation failures within string interpolation etc, to occur earlier as to not confuse the compiler and crash perl Bug: https://bugs.gentoo.org/653432 Package-Manager: Portage-2.3.24, Repoman-2.3.6 dev-lang/perl/Manifest | 3 +- dev-lang/perl/perl-5.26.2.ebuild | 637 ++++++++++++++++++++++++++++++++++++ dev-lang/perl/perl-5.26.9999.ebuild | 22 +- 3 files changed, 656 insertions(+), 6 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=14eb27172e9fc3a68a0df8b2c35ab4d03987e243 commit 14eb27172e9fc3a68a0df8b2c35ab4d03987e243 Author: Kent Fredric <kentnl@gentoo.org> AuthorDate: 2018-04-17 01:48:48 +0000 Commit: Kent Fredric <kentnl@gentoo.org> CommitDate: 2018-04-23 18:27:22 +0000 dev-lang/perl: Bump to version 5.24.4 - Switch to cross-perl 1.1.9 - Merge libnsl patch into patchball Upstream: - Fixes for [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c) - Fixes for [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) - Fixes for [CVE-2018-6913] heap-buffer-overflow in S_pack_rec - Fixes for Assertion failure in Perl__core_swash_init (utf8.c) - Avoid corrupting the stack at runtime with readpipe() by checking parameters at compile-time Bug: https://bugs.gentoo.org/653432 Package-Manager: Portage-2.3.24, Repoman-2.3.6 dev-lang/perl/Manifest | 3 + dev-lang/perl/perl-5.24.4.ebuild | 570 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 573 insertions(+)}
@security: 5.26.2 is stable now Cleanup may still take some time (it's a lot of work because of the virtuals). So it's probably better if you proceed. Nothing to do for perl here anymore.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c066643dc05b77af353f73183efbce2dff66da04 commit c066643dc05b77af353f73183efbce2dff66da04 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2019-05-11 16:17:48 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2019-05-11 16:21:07 +0000 package.mask: Mask Perl 5.24 and friends for removal Bug: https://bugs.gentoo.org/653432 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> profiles/package.mask | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+)
@security please proceed
This issue was resolved and addressed in GLSA 201909-01 at https://security.gentoo.org/glsa/201909-01 by GLSA coordinator Thomas Deutschmann (whissi).
