New Debian perl 5.36.0-7+deb12u2 fixes:

This update addresses the following issue:

* A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.

  $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'
  Segmentation fault (core dumped)

  It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses. (CVE-2024-56406)
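The check an administrator of a Debian 12 / UCS 5.2 host wants after reading this: does the installed perl already carry 5.36.0-7+deb12u2? The code below is an added example, not part of this errata page or of Debian's tooling; it reimplements dpkg's version ordering in Python so the comparison can run anywhere (for instance over an inventory export), and only the fixed version string comes from the advisory. The result is meaningful only for the 5.36.0-7+deb12u* package line, because the fixed versions of the other affected branches are not listed on this page.

```python
import re
from itertools import zip_longest

FIXED_VERSION = "5.36.0-7+deb12u2"  # first bookworm/UCS build with the fix (from the advisory)


def _order(c: str) -> int:
    """dpkg's character weight: '~' < end of string < letters < any other character."""
    if c == "":
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare two upstream-version or revision strings the way dpkg's verrevcmp() does."""
    # Split each string into alternating (non-digit run, digit run) pairs; a missing
    # pair counts as empty, so "7" sorts before "7+deb12u2" but after "7~rc1".
    ta, tb = (re.findall(r"(\D*)(\d*)", s) for s in (a, b))
    for (na, da), (nb, db) in zip_longest(ta, tb, fillvalue=("", "")):
        for ca, cb in zip_longest(na, nb, fillvalue=""):  # non-digit runs: per character
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(da or 0) != int(db or 0):                  # digit runs: numerically
            return int(da or 0) - int(db or 0)
    return 0


def _split(version: str):
    """'[epoch:]upstream[-revision]' -> (epoch, upstream, revision); missing parts are 0 / ''."""
    epoch, sep, rest = version.partition(":")
    epoch, rest = (epoch, rest) if sep else ("0", version)
    upstream, sep, revision = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (revision if sep else "")


def compare_versions(a: str, b: str) -> int:
    """dpkg --compare-versions ordering: negative if a < b, 0 if equal, positive if a > b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    return (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed perl predates the fixed build. Only meaningful for the
    5.36.0-7+deb12u* line; other release branches have their own fixed versions."""
    return compare_versions(installed, fixed) < 0
```

Feed it the `Version:` field from `dpkg-query -W -f '${Version}' perl` on each host; a backport suffix such as `~bpo` or a pre-release `~rc` correctly sorts below the fixed build.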
--- mirror/ftp/pool/main/p/perl/perl_5.36.0-7+deb12u1.dsc +++ apt/ucs_5.2-0-errata5.2-1/source/perl_5.36.0-7+deb12u2.dsc @@ -1,3 +1,7 @@ +5.36.0-7+deb12u2 [Sat, 12 Apr 2025 18:16:31 +0300] Niko Tyni <ntyni@debian.org>: + + * [SECURITY] CVE-2024-56406: Fix heap-buffer-overflow with tr// + 5.36.0-7+deb12u1 [Sat, 25 Nov 2023 22:59:54 +0200] Niko Tyni <ntyni@debian.org>: * [SECURITY] CVE-2023-47038: Write past buffer end via illegal <http://piuparts.knut.univention.de/5.2-1/#7409377860782369126>
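Review bot: the fix itself cannot be reviewed from this diff, which covers only the changelog stanza embedded in the .dsc; the code change to S_do_trans_invmap that the "[SECURITY] CVE-2024-56406" line refers to is not part of the hunk, so the patch from the source package needs to be checked separately, and the piuparts run linked after the hunk is the only test evidence shown here.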
OK: bug
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.2-1] 75433dbb672 fixup! Bug #58194: perl 5.36.0-7+deb12u2
 doc/errata/staging/perl.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

[5.2-1] 24f75224dbb Bug #58194: perl 5.36.0-7+deb12u2
 doc/errata/staging/perl.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.2x70>