Date: Fri, 28 Apr 2017 23:12:43 +0000 From: bugzilla-noreply@freebsd.org To: perl@FreeBSD.org Subject: maintainer-feedback requested: [Bug 218946] lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion Message-ID: <bug-218946-14331-jDr3lpvkvC@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-218946-14331@https.bugs.freebsd.org/bugzilla/> References: <bug-218946-14331@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
Sevan Janiyan <sevan@freebsd.org> has reassigned Bugzilla Automation <bugzilla@FreeBSD.org>'s request for maintainer-feedback to perl@FreeBSD.or= g: Bug 218946: lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218946 --- Description --- A blog post by Russ Cox, titled "Glob Matching Can Be Simple And Fast Too" highlighted the issue. https://research.swtch.com/glob Patches landed in Perl repo to address the issue https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee8848194= 0e3e 6f95 I don't believe a CVE has been assigned yet but the range of affected softw= are may be quite wide, not sure how that fits in with vuxml.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218946-14331-jDr3lpvkvC>