1
Candidate: CVE-2010-1158
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1158
5
http://perldoc.perl.org/perl5100delta.html
7
Integer overflow in the regular expression engine in Perl 5.8.x allows
8
context-dependent attackers to cause a denial of service (stack consumption
9
and application crash) by matching a crafted regular expression against a
13
mdeslaur> this is a denial of service issue that stems from the re engine
14
mdeslaur> being recursive. The engine was rewritten in 5.10, and the
15
mdeslaur> patch is intrusive so backporting it may be more trouble than
16
mdeslaur> it's worth. Marking as ignored for now since this is more a
17
mdeslaur> limitation in the engine design than a security issue.
19
https://bugzilla.redhat.com/show_bug.cgi?id=580605
20
http://bugs.gentoo.org/show_bug.cgi?id=313565
26
upstream: http://perl5.git.perl.org/perl.git/commitdiff/95b2444054
27
upstream_perl: released (5.10.0)
30
intrepid_perl: not-affected (5.10.0-11.1ubuntu2.3)
31
jaunty_perl: not-affected (5.10.0-19ubuntu1.1)
32
karmic_perl: not-affected (5.10.0-24ubuntu4)
33
lucid_perl: not-affected (5.10.1-8ubuntu2)
34
devel_perl: not-affected (5.10.1-8ubuntu2)