ELA-63-1 perl security update

integer overflow

2018-12-03
Packageperl
Version5.14.2-21+deb7u8
Related CVEs CVE-2018-18311

Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input.

For Debian 7 Wheezy, these problems have been fixed in version 5.14.2-21+deb7u8.

We recommend that you upgrade your perl packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/