FEDORA-2018-d1ba58394e created by ppisar 2 years ago for Fedora 28
stable

This release provides Perl 5.26.2 that fixes a heap buffer overflow in the pack() function and two overflows in regular expression engine.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-d1ba58394e

This update has been submitted for testing by ppisar.

2 years ago

ppisar edited this update.

New build(s):

  • perl-5.26.2-410.fc28

Karma has been reset.

2 years ago

ppisar edited this update.

2 years ago

Interesting that this didn't make into testing yet, after 11 days...

This update has been pushed to testing.

2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

Works great! LGTM! =)

User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

User Icon mhayden commented & provided feedback 2 years ago
karma

No issues found running some scripts.

User Icon bojan commented & provided feedback 2 years ago
karma

No regressions here.

User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted

User Icon hhlp commented & provided feedback 2 years ago
karma

lgtm

User Icon sassam commented & provided feedback 2 years ago
karma

Works for me.

User Icon robatino provided feedback 2 years ago

Could you please push it to Stable? This is a dependency of vim: FEDORA-2018-fc49e5d1dc in Stable and blocks it from installing.

User Icon lupinix commented & provided feedback 2 years ago
karma

Works fine! Please push this ASAP, too bad that Bodhi doesn't take into account the dependencies of updates, now we have vim in stable requiring this one here…

User Icon ankursinha commented & provided feedback 2 years ago
karma

WFM, fixes vim update

Unfortunately, this cannot be pushed, because of:

Cannot submit perl-Module-CoreList ('1', '5.20180414', '1.fc28') to stable since it is older than ('1', '5.20180420', '1.fc28')

besser82 edited this update.

Removed build(s):

  • perl-Module-CoreList-5.20180414-1.fc28

Karma has been reset.

2 years ago

This update has been submitted for testing by besser82.

2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

I've edited the update and give an initial +1 to get that pushed ASAP…

besser82 edited this update.

2 years ago

besser82 edited this update.

2 years ago
User Icon lupinix provided feedback 2 years ago
karma

@everyone, who already gave karma to this update:

As I removed the problematic build, karma has been reset to 0. Please give karma again (using Bodhi's web interface) to get that shipped as fast as it can.

User Icon ankursinha provided feedback 2 years ago
karma
User Icon markec provided feedback 2 years ago
karma
karma
User Icon heidistein commented & provided feedback 2 years ago
karma

Karma:

User Icon jerboaa commented & provided feedback 2 years ago
karma

Is there still something blocking this update? It prevents vim-enhanced from installing which is in stable already: Last metadata expiration check: 0:50:24 ago on Wed 09 May 2018 09:14:16 AM CEST. Dependencies resolved.

Problem 1: cannot install the best update candidate for package vim-enhanced-2:8.0.1704-1.fc28.x86_64 - nothing provides perl(:MODULE_COMPAT_5.26.2) needed by vim-enhanced-2:8.0.1788-1.fc28.x86_64 Problem 2: problem with installed package vim-enhanced-2:8.0.1704-1.fc28.x86_64 - package vim-enhanced-2:8.0.1704-1.fc28.x86_64 requires vim-common = 2:8.0.1704-1.fc28, but none of the providers can be installed - cannot install both vim-common-2:8.0.1788-1.fc28.x86_64 and vim-common-2:8.0.1704-1.fc28.x86_64 - cannot install both vim-common-2:8.0.1704-1.fc28.x86_64 and vim-common-2:8.0.1788-1.fc28.x86_64 - cannot install the best update candidate for package vim-common-2:8.0.1704-1.fc28.x86_64 - nothing provides perl(:MODULE_COMPAT_5.26.2) needed by vim-enhanced-2:8.0.1788-1.fc28.x86_64 =================================================================================================================================================================================================================== Package Arch Version Repository Size =================================================================================================================================================================================================================== Skipping packages with conflicts: (add '--best --allowerasing' to command line to force their upgrade): vim-common x86_64 2:8.0.1788-1.fc28 updates 6.4 M Skipping packages with broken dependencies: vim-enhanced x86_64 2:8.0.1788-1.fc28 updates 1.3 M

This update has been submitted for stable by pwalter.

2 years ago
User Icon zdohnal commented & provided feedback 2 years ago
karma

Fixes vim installation.

hm, any reason this hasn't made it to stable repo?

@markec, read my comment from yesterday. I needed to remove a package from this update set, which prevented it to be pushed. After that, it needed some new karma to be pushed to stable, as it is now queued for.

Thanks, seen that. But still don't see it in stable - how often is push scheduled for?

The push is usually run once a day around the evening hours of UTC. By the time, I'm writing this, the push is already running and this update will be available on most Tier-1 and Tier-2 mirrors around the world within the next 12 hours or so.

Thanks for additional info!

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
8
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-5
Stable by Karma
1
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1547772 CVE-2018-6913 perl: heap buffer overflow in pp_pack.c
0
0
BZ#1547779 CVE-2018-6798 perl: heap read overflow in regexec.c
0
0
BZ#1547783 CVE-2018-6797 perl: heap write overflow in regcomp.c
0
0
BZ#1567776 CVE-2018-6913 perl: heap buffer overflow in pp_pack.c [fedora-all]
0
0
BZ#1567777 CVE-2018-6798 perl: heap read overflow in regexec.c [fedora-all]
0
0
BZ#1567778 CVE-2018-6797 perl: heap write overflow in regcomp.c [fedora-all]
0
0

Automated Test Results

Test Cases

0 0 Test Case Perl sanity