{"affected":[{"ecosystem_specific":{"binaries":[{"perl":"5.26.1-7.6.1","perl-base":"5.26.1-7.6.1","perl-base-32bit":"5.26.1-7.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15","name":"perl","purl":"pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.26.1-7.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"perl-doc":"5.26.1-7.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15","name":"perl","purl":"pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.26.1-7.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for perl fixes the following issues:\n\nSecuirty issues fixed:\n\n- CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674).\n- CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675).\n- CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \\0 chars (bsc#1114681).\n- CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686).\n","id":"SUSE-SU-2018:4187-1","modified":"2018-12-19T10:32:45Z","published":"2018-12-19T10:32:45Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20184187-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1114674"},{"type":"REPORT","url":"https://bugzilla.suse.com/1114675"},{"type":"REPORT","url":"https://bugzilla.suse.com/1114681"},{"type":"REPORT","url":"https://bugzilla.suse.com/1114686"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18311"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18312"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18313"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18314"}],"related":["CVE-2018-18311","CVE-2018-18312","CVE-2018-18313","CVE-2018-18314"],"summary":"Security update for perl","upstream":["CVE-2018-18311","CVE-2018-18312","CVE-2018-18313","CVE-2018-18314"]}