* Build-depend on libc6-dev (>= 2.26).
* Restore the SIGUNUSED signal. LP: #1717367.
* Changes can be dropped with the next perl ABI bump, or with a perl
upstream fix to restore ABI compatibility with glibc-2.26.
perl (5.26.0-8) unstable; urgency=high
* [SECURITY] CVE-2017-12837: Fix a heap buffer overflow in regular
expression compiler. (Closes: #875596)
* [SECURITY] CVE-2017-12883: Fix a buffer over-read in regular
expression parser. (Closes: #875597)
This bug was fixed in the package perl - 5.26.0-8ubuntu1
---------------
perl (5.26.0-8ubuntu1) artful; urgency=medium
* Build-depend on libc6-dev (>= 2.26).
* Restore the SIGUNUSED signal. LP: #1717367.
* Changes can be dropped with the next perl ABI bump, or with a perl
upstream fix to restore ABI compatibility with glibc-2.26.
perl (5.26.0-8) unstable; urgency=high
* [SECURITY] CVE-2017-12837: Fix a heap buffer overflow in regular
expression compiler. (Closes: #875596)
* [SECURITY] CVE-2017-12883: Fix a buffer over-read in regular
expression parser. (Closes: #875597)
-- Matthias Klose <email address hidden> Fri, 15 Sep 2017 18:13:42 +0200