author Dominic Hargreaves <dom@earth.li> 2012-10-10 17:19:18 +0100
committer Dominic Hargreaves <dom@earth.li> 2012-10-10 17:19:18 +0100
commit bb1ae21680de484afe11207a004caa1f352326dc
tree ca539034d24dd5024149c7ec4173804569fa2baa
parent b675304e3fdbcce3ef853b06b6ebe870d99faa7e
perldelta for heap buffer overrun fix
-rw-r--r-- pod/perldelta.pod 10
1 files changed, 10 insertions, 0 deletions
diff --git a/pod/perldelta.pod b/pod/perldelta.pod
index 7e9b64627e..9338b946e0 100644
--- a/pod/perldelta.pod
+++ b/pod/perldelta.pod
@@ -30,6 +30,16 @@ the algorithm name used, or be able to execute arbitrary Perl code already.
This problem has been fixed.
+=head2 Heap buffer overrun in 'x' string repeat operator (CVE-2012-5195)
+
+Poorly written perl code that allows an attacker to specify the count to
+perl's 'x' string repeat operator can already cause a memory exhaustion
+denial-of-service attack. A flaw in versions of perl before 5.15.5 can
+escalate that into a heap buffer overrun; coupled with versions of glibc
+before 2.16, it possibly allows the execution of arbitrary code.
+
+This problem has been fixed.
+
=head1 Incompatible Changes
There are no changes intentionally incompatible with 5.14.0. If any
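Review bot: The affected range in the new paragraph ("versions of perl before 5.15.5") is given only in terms of the development series, while the context line after the hunk shows this perldelta is written relative to 5.14.0, so a reader on the maintenance branch cannot tell from the entry whether their 5.14.x release is affected or which release carries the fix. Suggest naming the affected maintenance releases explicitly alongside "before 5.15.5". The entry also ends with "This problem has been fixed." although its first sentence says an attacker-controlled repeat count "can already cause a memory exhaustion denial-of-service attack"; it would help to say that only the heap overrun is fixed and that code passing untrusted input as the count to 'x' still needs to bound it. Two style points: "Poorly written perl code" refers to the language and would conventionally read "Perl code", keeping lowercase "perl" for the interpreter as in "versions of perl"; and the operator in the body text could be marked up as C<x> rather than quoted as 'x'.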