Date: Fri, 28 Apr 2017 23:12:43 +0000 From: bugzilla-noreply@freebsd.org To: perl@FreeBSD.org Subject: maintainer-feedback requested: [Bug 218946] lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion Message-ID: <bug-218946-14331-jDr3lpvkvC@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-218946-14331@https.bugs.freebsd.org/bugzilla/> References: <bug-218946-14331@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
Sevan Janiyan <sevan@freebsd.org> has reassigned Bugzilla Automation <bugzilla@FreeBSD.org>'s request for maintainer-feedback to perl@FreeBSD.org: Bug 218946: lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218946 --- Description --- A blog post by Russ Cox, titled "Glob Matching Can Be Simple And Fast Too" highlighted the issue. https://research.swtch.com/glob Patches landed in Perl repo to address the issue https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e 6f95 I don't believe a CVE has been assigned yet but the range of affected software may be quite wide, not sure how that fits in with vuxml.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218946-14331-jDr3lpvkvC>