perl-5.16.3-299.el7
エラータID: AXSA:2021-1425:04
リリース日:
2021/02/08 Monday - 11:03
題名:
perl-5.16.3-299.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Perlには、32ビットプラットフォームにおいてネストされた正規表現の量指定子が
整数オーバーフローを起こすため、ヒープベースのバッファオーバーフローを
起こす脆弱性があります。(CVE-2020-10543)
- Perlには、"PL_regkind[OP(n)] == NOTHING" を誤って処理することから
整数オーバーフローを起こすため、巧妙に細工された正規表現が、命令を挿入できる
悪意あるバイトコードを生成する脆弱性があります。(CVE-2020-10878)
- Perlには、再帰的に S_study_chunk を呼び出すため、巧妙に細工された正規表現を
通じて、バッファオーバーフローを起こす脆弱性があります。(CVE-2020-12723)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVE-2020-10878
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
追加情報:
N/A
ダウンロード:
SRPMS
- perl-5.16.3-299.el7.src.rpm
MD5: bb9772db9d5d11e8afe26b7bb9660133
SHA-256: 0408d05e69ef0923cfea44e63412e7429e1c9a147cc93ba089e40e27e706b8e5
Size: 13.06 MB
Asianux Server 7 for x86_64
- perl-5.16.3-299.el7.x86_64.rpm
MD5: 0e0b5376eb7df1acd9cc9e97eae5c52b
SHA-256: 72a51aacb1cfcca8bb8960e0fd6b3163bca8bbf2926d14041ac389037c3385b4
Size: 7.97 MB - perl-core-5.16.3-299.el7.x86_64.rpm
MD5: 4a61ea72d61a6ec8f7d25b8396d21497
SHA-256: b94eb9cd19ba0b2dcf02ab5223e47a59264c8aa89b43b39862d746c8fdf49726
Size: 42.37 kB - perl-CPAN-1.9800-299.el7.noarch.rpm
MD5: 2b0136cc5f26c3324b1ff47e3e544bf6
SHA-256: b25928bc37082a42d817e5fc40fc1a7ddee7d70595e6f5421863f4b808fe77e9
Size: 292.57 kB - perl-devel-5.16.3-299.el7.x86_64.rpm
MD5: 7ecf188ca64433a7fc67705cf98000b5
SHA-256: 8b2843f3d6d66dea270a6fd5021f827fbfca74167061fad516c9175896cde690
Size: 453.03 kB - perl-ExtUtils-CBuilder-0.28.2.6-299.el7.noarch.rpm
MD5: 98c68e2cac083876e731449ab98ed5a2
SHA-256: 3ce0315979ca6b16ff62e6997d35349ef207e566a7aebd83343114fb6f4a36b9
Size: 67.39 kB - perl-ExtUtils-Embed-1.30-299.el7.noarch.rpm
MD5: bba2e5a8e186dba5f1ee45f0a18700d4
SHA-256: 0d8ed0b04f335131e02be36d5ae1b643ddba880027c6926a5809e879d925cd32
Size: 50.04 kB - perl-ExtUtils-Install-1.58-299.el7.noarch.rpm
MD5: 88d5312ad964207f54a345967ee4cead
SHA-256: 14c2c3d96ce044a9e2c311294f84458aa791d1c137924ce67168d31632557cd9
Size: 74.19 kB - perl-IO-Zlib-1.10-299.el7.noarch.rpm
MD5: 5ea456def5d55fded69549829ff201e8
SHA-256: 81311a4a5c9b0682b41e28b2396bc75e8876aa29adf506ebd2fc739e0bc8597d
Size: 51.27 kB - perl-libs-5.16.3-299.el7.x86_64.rpm
MD5: ba720dff733f3e63ae15ad6602fd25d2
SHA-256: 3bee646f2f94680244abbc238603957c38f13aaf85c555b7243ea3661f15ef52
Size: 688.68 kB - perl-Locale-Maketext-Simple-0.21-299.el7.noarch.rpm
MD5: ad608e59abf996d2e51c6d692fb67080
SHA-256: a71dfd38a7ca9d755fe43bb669a40f99f6a8133fd919b79763dbc2dbbd06c44b
Size: 49.72 kB - perl-macros-5.16.3-299.el7.x86_64.rpm
MD5: 54b8321290b79c45239a69295a700bab
SHA-256: 12346e00865e3de29771d2c28255e169b7ac473cbe64742a8e49877081c0abc0
Size: 43.35 kB - perl-Module-CoreList-2.76.02-299.el7.noarch.rpm
MD5: 3c22584064c419f819a366a3585c8aef
SHA-256: 66b6692e372634d3e499041261f44118dd896342829b323c1bf60398389762ae
Size: 85.29 kB - perl-Module-Loaded-0.08-299.el7.noarch.rpm
MD5: 6f4bd006f519e5606fec38af32a75ecc
SHA-256: 20c6feb3cbfcc0b3c62df5d4735017a55a411dd3c49e7926703852bde3c7bdb3
Size: 45.72 kB - perl-Object-Accessor-0.42-299.el7.noarch.rpm
MD5: a568c8bf1fe17a89f843bffc8fb3e787
SHA-256: 7922cca7b9d8bd288c3756f151fa1d0e279fd87efc11d67441685ad7b68e7ae3
Size: 55.34 kB - perl-Package-Constants-0.02-299.el7.noarch.rpm
MD5: f69fee4138708f444068c565ee3dbb49
SHA-256: b4fec424245661335280ee108bbb09557cbc9be69bac2209235bd537bb93bbbe
Size: 45.12 kB - perl-Pod-Escapes-1.04-299.el7.noarch.rpm
MD5: 026da44b7102f9a5adda8bf8d6dc6708
SHA-256: 5d7b915d0b600429e4fedf7d881497b9d08671688d674153aec6ed08faee98b5
Size: 50.86 kB - perl-Time-Piece-1.20.1-299.el7.x86_64.rpm
MD5: fa9c44af0da0a75ec4ed6bd40af6fad8
SHA-256: e037b9b5e0a7d79434f4a32f2da34942d4048e9e9b4cc9910a85cf89d0c4123b
Size: 69.02 kB - perl-devel-5.16.3-299.el7.i686.rpm
MD5: f343cc4491ad87f8eb9c58e70cf69234
SHA-256: ffa7282f8bb4f02f4166e33bb904dbae3293bed54d9a82298a8f1987e33458c7
Size: 452.96 kB - perl-libs-5.16.3-299.el7.i686.rpm
MD5: 5e2f36212eeae26ea7ca01338a8ae1ac
SHA-256: d69a99b61402a566068b07f70153913e8ee7e077de5b43b277039c5cd5f3d823
Size: 682.32 kB
English