On 2025-04-13 16:47, Solar Designer wrote:
[..]
> As it was mentioned in the advance notification to distros, the issue
> was introduced in:
>
> https://github.com/Perl/perl5/commit/a311ee08b6781f83a7785f578a26bbc21a7ae457
>
> which is part of tags v5.33.1 to v5.41.10, so I guess those versions are
> also affected. The fix commit is effectively a revert of the bug commit.
Hi Alexander,
Thank you for the feedback. We only considered release branches for the
affected versions.
To fix this, the CVE record has been updated to take into account
development versions and release candidates:
Versions: from 5.41.0 through 5.41.10
from 5.39.0 before 5.40.2-RC1
from 5.33.1 before 5.38.4-RC1
Best,
--
Stig Palmquist
