severity 454792 important tag 454792 - security thanks On Mon, Apr 07, 2008 at 09:46:26PM +0300, Niko Tyni wrote: > > On Fri, Dec 07, 2007 at 02:03:25PM -0800, Don Armstrong wrote: > > > Package: perl > > > Severity: serious > > > Version: 5.8.8-7etch1 > > > Tags: security > > > > > > A trivial program containing a regex with UTF8 characters causes a > > > double free error and segfault: > > > > > *** glibc detected *** debugperl: double free or corruption (!prev): > > > 0x081e20e0 ***
> > > I've set the severity to serious and tagged with security as there is > > > (apparently) a possibility that this could result in execution of > > > arbitrary code. [I don't have any proof of concept for this or a CVE > > > though, so feel free to detag and lower severity.] > > I'm unsure about the security implications. Will ask for opinions on p5p. > Cc'ing the security team to get them in the loop. No response from either in two weeks, so it seems that nobody is particularly concerned. Detagging and lowering the severity as suggested. If anybody disagrees, please speak up and undo the control part. Cheers, -- Niko Tyni [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
