Synopsis:          Moderate: perl security update
Advisory ID:       SLSA-2021:0343-1
Issue Date:        2021-02-02
CVE Numbers:       CVE-2020-10543
                   CVE-2020-10878
                   CVE-2020-12723
--

Security Fix(es):

* perl: heap-based buffer overflow in regular expression compiler leads to
DoS (CVE-2020-10543)

* perl: corruption of intermediate language state of compiled regular
expression due to integer overflow leads to DoS (CVE-2020-10878)

* perl: corruption of intermediate language state of compiled regular
expression due to recursive S_study_chunk() calls leads to DoS
(CVE-2020-12723)
--

SL7
  x86_64
    perl-5.16.3-299.el7_9.x86_64.rpm
    perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm
    perl-core-5.16.3-299.el7_9.x86_64.rpm
    perl-debuginfo-5.16.3-299.el7_9.i686.rpm
    perl-debuginfo-5.16.3-299.el7_9.x86_64.rpm
    perl-devel-5.16.3-299.el7_9.i686.rpm
    perl-devel-5.16.3-299.el7_9.x86_64.rpm
    perl-libs-5.16.3-299.el7_9.i686.rpm
    perl-libs-5.16.3-299.el7_9.x86_64.rpm
    perl-macros-5.16.3-299.el7_9.x86_64.rpm
    perl-tests-5.16.3-299.el7_9.x86_64.rpm
  noarch
    perl-CPAN-1.9800-299.el7_9.noarch.rpm
    perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm
    perl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpm
    perl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm
    perl-IO-Zlib-1.10-299.el7_9.noarch.rpm
    perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm
    perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpm
    perl-Module-Loaded-0.08-299.el7_9.noarch.rpm
    perl-Object-Accessor-0.42-299.el7_9.noarch.rpm
    perl-Package-Constants-0.02-299.el7_9.noarch.rpm
    perl-Pod-Escapes-1.04-299.el7_9.noarch.rpm

- Scientific Linux Development Team