[Bug 1139700] CVE-2014-4330 perl-Data-Dumper: deep recursion stack overflow

Wed Oct 15 20:11:33 UTC 2014

https://bugzilla.redhat.com/show_bug.cgi?id=1139700

Vincent Danen <vdanen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Whiteboard|impact=low,public=20140918, |impact=low,public=20140918,
                   |reported=20140909,source=up |reported=20140909,source=up
                   |stream,cvss2=1.2/AV:L/AC:H/ |stream,cvss2=1.2/AV:L/AC:H/
                   |Au:N/C:N/I:N/A:P,rhel-4/per |Au:N/C:N/I:N/A:P,rhel-4/per
                   |l=new,rhel-5/perl=new,rhel- |l=wontfix,rhel-5/perl=wontf
                   |6/perl=new,rhel-7/perl=nota |ix,rhel-6/perl=new,rhel-7/p
                   |ffected,fedora-all/perl=not |erl=notaffected,fedora-all/
                   |affected,rhel-7/perl-Data-D |perl=notaffected,rhel-7/per
                   |umper=affected,rhscl-1/perl |l-Data-Dumper=affected,rhsc
                   |516-perl-Data-Dumper=affect |l-1/perl516-perl-Data-Dumpe
                   |ed,fedora-all/perl-Data-Dum |r=affected,fedora-all/perl-
                   |per=affected                |Data-Dumper=affected

--- Comment #15 from Vincent Danen <vdanen at redhat.com> ---
Statement:

This issue affects the versions of perl as shipped with Red Hat Enterprise
Linux 6 and 7. A future update may address this issue.

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and
maintenance life cycle. This has been rated as having Low security impact and
is not currently planned to be addressed in future updates. For additional
information, refer to the Red Hat Enterprise Linux Life Cycle:
https://access.redhat.com/support/policy/updates/errata/.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Bbs719pIlV&a=cc_unsubscribe