Date: Fri, 28 Apr 2017 23:12:43 +0000 From: bugzilla-noreply@freebsd.org To: perl@FreeBSD.org Subject: [Bug 218946] lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion Message-ID: <bug-218946-14331@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218946 Bug ID: 218946 Summary: lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: perl@FreeBSD.org Reporter: sevan@freebsd.org Flags: maintainer-feedback?(perl@FreeBSD.org) Assignee: perl@FreeBSD.org A blog post by Russ Cox, titled "Glob Matching Can Be Simple And Fast Too" highlighted the issue. https://research.swtch.com/glob Patches landed in Perl repo to address the issue https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee8848194= 0e3e6f95 I don't believe a CVE has been assigned yet but the range of affected softw= are may be quite wide, not sure how that fits in with vuxml. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218946-14331>