7519 moderate openSUSE Leap 42.3 Update ports This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. (bnc#1057724) - CVE-2017-12883: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape. (bnc#1057721) - CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. (bnc#1047178) Bug fixes: - backport set_capture_string changes from upstream (bsc#999735) - reformat baselibs.conf as source validator workaround This update was imported from the SUSE:SLE-12:Update update project. perl-5.18.2-9.1.ppc64le.rpm perl-5.18.2-9.1.src.rpm perl-base-5.18.2-9.1.ppc64le.rpm perl-base-debuginfo-5.18.2-9.1.ppc64le.rpm perl-debuginfo-5.18.2-9.1.ppc64le.rpm perl-debugsource-5.18.2-9.1.ppc64le.rpm perl-doc-5.18.2-9.1.noarch.rpm perl-5.18.2-9.1.aarch64.rpm perl-64bit-5.18.2-9.1.aarch64_ilp32.rpm perl-base-5.18.2-9.1.aarch64.rpm perl-base-64bit-5.18.2-9.1.aarch64_ilp32.rpm perl-base-debuginfo-5.18.2-9.1.aarch64.rpm perl-base-debuginfo-64bit-5.18.2-9.1.aarch64_ilp32.rpm perl-debuginfo-5.18.2-9.1.aarch64.rpm perl-debuginfo-64bit-5.18.2-9.1.aarch64_ilp32.rpm perl-debugsource-5.18.2-9.1.aarch64.rpm perl-5.18.2-9.1.armv7hl.rpm perl-base-5.18.2-9.1.armv7hl.rpm perl-base-debuginfo-5.18.2-9.1.armv7hl.rpm perl-debuginfo-5.18.2-9.1.armv7hl.rpm perl-debugsource-5.18.2-9.1.armv7hl.rpm