perl regex vulnerability - debian - pcre only?

Mike Astle astle at
Tue Nov 6 12:59:29 GMT 2007

That don't look so good:


"[...] discovered a flaw in Perl's regular
expression engine. Specially crafted input to a regular expression can
cause Perl to improperly allocate memory, resulting in the possible
execution of arbitrary code with the permissions of the user running



I only see new pcre3 packages for debian.  Is this a problem with just 
pcre or perl itself?


More information about the mailing list