diff options
| -rw-r--r-- | pod/perldelta.pod | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/pod/perldelta.pod b/pod/perldelta.pod index 3749969a3a..33e7c39f5f 100644 --- a/pod/perldelta.pod +++ b/pod/perldelta.pod @@ -14,11 +14,22 @@ L<perl5243delta>, which describes differences between 5.24.2 and 5.24.3. =head1 Security -XXX Any security-related notices go here. In particular, any security -vulnerabilities closed should be noted here rather than in the -L</Selected Bug Fixes> section. +=head2 [CVE-2018-6797] heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c) -[ List each security issue as a =head2 entry ] +A crafted regular expression could cause a heap buffer write overflow, with +control over the bytes written. +L<[perl #132227]|https://rt.perl.org/Public/Bug/Display.html?id=132227> + +=head2 [CVE-2018-6798] Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) + +Matching a crafted locale dependent regular expression could cause a heap +buffer read overflow and potentially information disclosure. +L<[perl #132063]|https://rt.perl.org/Public/Bug/Display.html?id=132063> + +=head2 [CVE-2018-6913] heap-buffer-overflow in S_pack_rec + +C<pack()> could cause a heap buffer write overflow with a large item count. +L<[perl #131844]|https://rt.perl.org/Public/Bug/Display.html?id=131844> =head1 Incompatible Changes |