CVE-2013-1667

Published: 4 March 2013

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

Priority

Status

Package	Release	Status
perl Launchpad, Ubuntu, Debian	upstream	Released (5.14.2-19)
	hardy	Released (5.8.8-12ubuntu0.8)
	lucid	Released (5.10.1-8ubuntu2.3)
	oneiric	Released (5.12.4-4ubuntu0.2)
	precise	Released (5.14.2-6ubuntu2.3)
	quantal	Released (5.14.2-13ubuntu0.2)
	Patches: vendor: http://www.debian.org/security/2013/dsa-2641 upstream: http://perl5.git.perl.org/perl.git/commit/2674b61957c26a4924831d5110afa454ae7ae5a6 (5.8) upstream: http://perl5.git.perl.org/perl.git/commit/f14269908e5f8b4cab4b55643d7dd9de577e7918 (5.10) upstream: http://perl5.git.perl.org/perl.git/commit/9d83adcdf9ab3c1ac7d54d76f3944e57278f0e70 (5.12) upstream: http://perl5.git.perl.org/perl.git/commit/d59e31fc729d8a39a774f03bc6bc457029a7aef2 (5.14)

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702296

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›