==========================================================================
Ubuntu Security Notice USN-3684-1
June 13, 2018
perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
Perl could be made to overwrite arbitrary files if it received
a specially crafted archive file.
Software Description:
– perl: Practical Extraction and Report Language
Details:
It was discovered that Perl incorrectly handled certain archive files.
An attacker could possibly use this to overwrite arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
perl 5.26.1-6ubuntu0.1
Ubuntu 17.10:
perl 5.26.0-8ubuntu1.2
Ubuntu 16.04 LTS:
perl 5.22.1-9ubuntu0.5
Ubuntu 14.04 LTS:
perl 5.18.2-2ubuntu1.6
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3684-1
CVE-2018-12015
Package Information:
https://launchpad.net/ubuntu/+source/perl/5.26.1-6ubuntu0.1
https://launchpad.net/ubuntu/+source/perl/5.26.0-8ubuntu1.2
https://launchpad.net/ubuntu/+source/perl/5.22.1-9ubuntu0.5
https://launchpad.net/ubuntu/+source/perl/5.18.2-2ubuntu1.6—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJbIVl+AAoJEEW851uECx9phKIP/iw6ZQ4DJU2z0F+XxUU08XPd
QOZQUzMyRpu6nMMr0hhcUuvUr82KDwMqws4DN04WvmHd8cZr1kOHCKIpUxRZha2+
o57SsqByjRNRLnhwbBAeMbRu+PZWasTT7JMeHQI35ErmTW41mOnIkUxzVNyLwlLv
Nig+vf4+2RxRQ6aisjDPBlqSWdJf3DsFy0DNI4fsSd+j9rgjU1Tj1a/0M/zmSqL+
sGNbPAoVvZdEN5NDFjCP8ec7E03gn0DjC+m1kripdUrpz5xsTqoE8q4wNKEV7v7A
rwHXd8JINM+LAR+JQqUmj/Sd/y8BL3gwbfj03a2y5zhg7t3x4NaXM/6tY0xBYWf7
aRF0DvGb+RRKRhOn/mKNbUKQBlq+4UsK8ilG5oLvyt2iRLFFRCi6lRbrz+PBnAm2
1DXU2BtB4MYc6XfwRF0glssoJmw139UbytG/ZeMPnEdCF3aPuOHeY4HkjiSyv13W
8NEZUVNH218bjGyDojTlJoE7dH6sLpWsTdUemXEEicjWZ6c9HBvVRfSTYXhKjnI4
gdFhNfmIt2GIcWFNyc5Zi77EXc5FJQG/0+u7TyLiVusDL9JY8r1Q5PYRPZuIQ+1V
URqG2/DkhyCqrT/5JFL8JKWp3lG6triabQGROvtkZjJ/Gy+7S4qfVZTtrTzajb3I
7XS6AIpDOZr8rSJt1dYO
=YVbt
—–END PGP SIGNATURE—–
—
==========================================================================
Ubuntu Security Notice USN-3684-2
June 13, 2018
perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 ESM
Summary:
Perl could be made to overwrite arbitrary files if it received
a specially crafted archive file.
Software Description:
– perl: Practical Extraction and Report Language
Details:
USN-3684-1 fixed a vulnerability in perl. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that Perl incorrectly handled certain archive files.
An attacker could possibly use this to overwrite arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
perl 5.14.2-6ubuntu2.8
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3684-2
https://usn.ubuntu.com/usn/usn-3684-1
CVE-2018-12015—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJbIWZdAAoJEEW851uECx9pcv4P/3Z1mCN013WmLHJ7aH3ZGEvP
gluE+c9YoHxBhKtyD5DsRArN9kSEx9u8C2O+LO9GzV/PtQp0YUdoUVTYrNVluEMh
gu83JMvQDx4KbIWOICY1Fhz6/P+3bLbMOu2vH9K/HfkF/62KQvX4KW71qTwkPx34
ImjdBlJTVQ1ZdjpbFhammQ1jGL2ZMfpMPlHhpq78Dnq97qQIJZdnpxHVoqSy1KAm
IZGJaWFovUfMPz69nmX7LN8B9QFPDKa+HFlmqod8ubu1SK6a5MnWzjQ7yD3KYl1k
tyH7VX8VLK6VG9PEIGIRoGSPheMVMVM69scNiDQ+XiaPac0ql3/ozzPHi12CPkZz
iSTNiwuCGCZ1XfmJIulSZIi3MUzU9tWJB2iHHZmed1oDFLXTwhIr1dU4NsaB3CtG
8doRXSATbPmXfxnTRbKFGe3ShKKbARrzUR0q80sd7IqiVpo6tuDQZ4E53YO1dHfF
dI7vHsE9fFiLxBAXGvJNykshUeO3QSRiYe9HBpNkxmcbxSwrqGYIaXHeQrkbeZIQ
8hNkFUAS9Vg+Ub6y51HCo+Q8kKeS/7vHvHlwBDpb7T2OKxrTZWGzYlX7z5Mb84/+
LfaC74G8FRZ0ZAA9B0BThOknCtzCcOb/qE4udMu55tCz9ylsnQqGZuLqsejo8GDP
7lLoR6Dqaz72lgpAtfcr
=TAi6
—–END PGP SIGNATURE—–
—