[Secure-testing-team] Bug#762256: perl: CVE-2014-4330: stack exhaustion bug in Data::Dumper
Salvatore Bonaccorso
carnil at debian.org
Sat Sep 20 07:40:03 UTC 2014
Source: perl
Version: 5.14.2-21
Severity: important
Tags: security upstream patch fixed-upstream
Hi Niko and Dominic,
Know you are already aware of it, but creating a bug in BTS to have a
easier trackability fo the security-tracker (thanks also for already
requesting the upload trough wheezy-pu).
CVE-2014-4330[0]:
stack exhaustion in Data::Dumper
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2014-4330
[1] http://www.nntp.perl.org/group/perl.perl5.porters/2014/09/msg220118.html
[2] http://perl5.git.perl.org/perl.git/commitdiff/19be3be6968e2337bcdfe480693fff795ecd1304
Thanks for your work! Regards,
Salvatore
More information about the Secure-testing-team
mailing list