Information on source package perl

Available versions

ReleaseVersion
wheezy5.14.2-21+deb7u3
wheezy (security)5.14.2-21+deb7u5
jessie5.20.2-3+deb8u8
jessie (security)5.20.2-3+deb8u9
stretch (security)5.24.1-3+deb9u2
buster5.26.1-2
sid5.26.1-2

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2015-8853vulnerable (no DSA)fixedfixedfixedfixedThe (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in ...
CVE-2013-7422vulnerable (no DSA)fixedfixedfixedfixedInteger underflow in regcomp.c in Perl before 5.20, as used in Apple ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
TEMP-0769606-4AA6CFvulnerablevulnerablefixedfixedfixeda2p: buffer overflow
CVE-2012-3878vulnerablevulnerablevulnerablevulnerablevulnerablePerl require Directive Path Subversion Arbitrary Module / File Loading Weakness
CVE-2011-4116vulnerablevulnerablevulnerablevulnerablevulnerableunsafe traversal of symlinks
CVE-2010-4777vulnerablefixedfixedfixedfixedThe Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, ...

Resolved issues

BugDescription
CVE-2017-6512Race condition in the rmtree and remove_tree functions in the ...
CVE-2017-12883Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 ...
CVE-2017-12837Heap-based buffer overflow in the S_regatom function in regcomp.c in ...
CVE-2017-12814Stack-based buffer overflow in the CPerlHost::Add method in ...
CVE-2016-6185The XSLoader::load method in XSLoader in Perl does not properly locate ...
CVE-2016-2381Perl might allow context-dependent attackers to bypass the taint ...
CVE-2016-1238(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) ...
CVE-2015-8608The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow ...
CVE-2015-8607The canonpath function in the File::Spec module in PathTools before ...
CVE-2014-4330The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 ...
CVE-2013-1667The rehash mechanism in Perl 5.8.2 through 5.16.x allows ...
CVE-2013-1437Code execution when gathering version metadata
CVE-2012-6329The _compile function in Maketext.pm in the Locale::Maketext ...
CVE-2012-5526CGI.pm module before 3.63 for Perl does not properly escape newlines ...
CVE-2012-5195Heap-based buffer overflow in the Perl_repeatcpy function in util.c in ...
CVE-2011-3597Eval injection vulnerability in the Digest module before 1.17 for Perl ...
CVE-2011-2939Off-by-one error in the decode_xs function in Unicode/Unicode.xs in ...
CVE-2011-2728The bsd_glob function in the File::Glob module for Perl before 5.14.2 ...
CVE-2011-1487The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl ...
CVE-2011-0761Perl 5.10.x allows context-dependent attackers to cause a denial of ...
CVE-2010-4411Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...
CVE-2010-4410CRLF injection vulnerability in the header function in (1) CGI.pm ...
CVE-2010-2761The multipart_init function in (1) CGI.pm before 3.50 and (2) ...
CVE-2010-1447The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for ...
CVE-2010-1168The Safe (aka Safe.pm) module before 2.25 for Perl allows ...
CVE-2010-1158Integer overflow in the regular expression engine in Perl 5.8.x allows ...
CVE-2009-3626Perl 5.10.1 allows context-dependent attackers to cause a denial of ...
CVE-2009-1391Off-by-one error in the inflate function in Zlib.xs in ...
CVE-2008-5303Race condition in the rmtree function in File::Path 1.08 ...
CVE-2008-5302Race condition in the rmtree function in File::Path 1.08 and 2.07 ...
CVE-2008-2827The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly ...
CVE-2008-1927Double free vulnerability in Perl 5.8.8 allows context-dependent ...
CVE-2007-5116Buffer overflow in the polymorphic opcode support in the Regular ...
CVE-2007-4829Directory traversal vulnerability in the Archive::Tar Perl module 1.36 ...
CVE-2005-4278Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo ...
CVE-2005-4217Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges ...
CVE-2005-3962Integer overflow in the format string functionality (Perl_sv_vcatpvfn) ...
CVE-2005-0448Race condition in the rmtree function in File::Path.pm in Perl before ...
CVE-2005-0156Buffer overflow in the PerlIO implementation in Perl 5.8.0, when ...
CVE-2005-0155The PerlIO implementation in Perl 5.8.0, when installed with setuid ...
CVE-2004-0976Multiple scripts in the perl package in Trustix Secure Linux 1.5 ...
CVE-2004-0452Race condition in the rmtree function in the File::Path module in Perl ...
CVE-2004-0377Buffer overflow in the win32_stat function for (1) ActiveState's ...
CVE-2003-0900Perl 5.8.1 on Fedora Core does not properly initialize the random ...
CVE-2003-0618Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local ...
CVE-2003-0615Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm ...
CVE-2002-1323Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may ...
CVE-2002-0703An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl ...

Security announcements

DSA / DLADescription
DSA-3982-1perl - security update
DSA-3982-1perl - security update
DSA-3873-1perl - security update
DLA-978-1perl - security update
DLA-565-1perl - security update
DSA-3628-1perl - security update
DSA-3501-1perl - security update
DSA-3501-1perl - security update
DSA-3441-1perl - security update
DSA-2641-1perl - rehashing flaw
DSA-2586-1perl - several
DSA-2267-1perl - restriction bypass
DSA-2267-1perl - restriction bypass
DSA-2265-1perl - missing taint check
DSA-2265-1perl - missing taint check
DSA-1678-1perl - privilege escalation
DSA-1556-2perl - denial of service
DSA-1400-1perl - arbitrary code execution
DSA-1400-1perl - arbitrary code execution
DSA-943-1perl - integer overflow
DSA-943-1perl - integer overflow
DSA-696-1perl - design flaw
DSA-620-1perl - insecure temporary files / directories
DSA-431perl - information leak
DSA-371perl - cross-site scripting
DSA-208perl - broken safe compartment

Search for package or bug name: Reporting problems