Wednesday, April 23, 2025

[USN-7434-2] Perl vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmgI+6kFAwAAAAAACgkQZWnYVadEvpOh
lBAAqFionTJo7QxtdCRaa9Sl8LqqcFz8AsmjiMnvrAOmU//IeIJXXxEDnXilmlUSes3a1DDEizB8
XMi63IylhUXI6tthFvVXNwJaqhlvaVEGGEUifMFHwuEilJpIH8jcywbjUPkqok87jKGtoC5BlyYL
h7XDA1KUykwCgMm6vvmuE07cq/+uYnS4nnTbvFwb/R9qYz8Ci1yiz5AeG6/W1J/wDlWbems0ZN9u
7DZ/JGp9hTIe9qEmTWHPUzTBr1uCR8oVLOSksJLyS+HBeKkSMfobERbzoo/naRZT1dB1fyBBP+5u
OZoq8GkdrOVTZWQTVdoZCmF5sywPzElQ/IaxXbVkRvnGrGFkQ67bVK3efLja1y8BFUsMCJXt7S4d
VgHDernU1LE4Dq3w6gBv3ql8xjP6/tOeAmxBf0m23ZGdAK2kf2vTBw8oAikbwsYvcv39RNxoIBuP
1T8Yr0JyRFCWr/TWs7jWWC5YqwI60S6CVLFZAFkZFgAFtr9RZMOYGr3RXpua8z6Wi2YYnW4zaA+u
31tPDpYd6HmipJtDgP8v6MSkM8uOjWWN6HYaV5uzGwCvSOTP8dKZ7OwwUdbd4l1FQXQ3vsXhBkeU
tMzVWk2wsosxvZaJ1nb1gaV9/8VNsnVAMmAeHVX6JMupKOdaN5BaYXbfLMzhtWv5hEy79M2vr2CG
g2I=
=V5Ui
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7434-2
April 23, 2025

perl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04

Summary:

Perl could be made to crash or run programs if it processed specially
crafted data.

Software Description:
- perl: Practical Extraction and Report Language

Details:

USN-7434-1 fixed a vulnerability in Perl. This update provides the
corresponding update for Ubuntu 25.04.

Original advisory details:

It was discovered that Perl incorrectly handled transliterating non-ASCII
bytes. A remote attacker could use this issue to cause Perl to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
perl 5.40.1-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7434-2
https://ubuntu.com/security/notices/USN-7434-1
CVE-2024-56406

Package Information:
https://launchpad.net/ubuntu/+source/perl/5.40.1-2ubuntu0.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)