{"id":"MGASA-2018-0241","summary":"Updated perl packages fix security vulnerabilities","details":"Brian Carpenter reported that a crafted regular expression could cause\na heap buffer write overflow, with control over the bytes written\n(CVE-2018-6797).\n\nNguyen Duc Manh reported that matching a crafted locale dependent\nregular expression can cause a heap-based buffer over-read and\npotentially information disclosure (CVE-2018-6798).\n\nGwanYeong Kim reported that 'pack()' could cause a heap buffer write\noverflow with a large item count (CVE-2018-6913).\n","modified":"2026-04-16T01:48:39.632747329Z","published":"2018-05-16T08:24:56Z","upstream":["CVE-2018-6797","CVE-2018-6798","CVE-2018-6913"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0241.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22913"},{"type":"WEB","url":"https://www.debian.org/security/2018/dsa-4172"}],"affected":[{"package":{"name":"perl","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/perl?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.22.3-3.2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0241.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}