maintainer-feedback requested: [Bug 218946] lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob expansion
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Apr 28 23:12:44 UTC 2017
Sevan Janiyan <sevan at freebsd.org> has reassigned Bugzilla Automation
<bugzilla at FreeBSD.org>'s request for maintainer-feedback to perl at FreeBSD.org:
Bug 218946: lang/perl5.24 - remote DoS via CPU exhaustion by exercising glob
expansion
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218946
--- Description ---
A blog post by Russ Cox, titled "Glob Matching Can Be Simple And Fast Too"
highlighted the issue.
https://research.swtch.com/glob
Patches landed in Perl repo to address the issue
https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e
6f95
I don't believe a CVE has been assigned yet but the range of affected software
may be quite wide, not sure how that fits in with vuxml.
More information about the freebsd-perl
mailing list