| Package | perl |
|---|---|
| Version | 5.14.2-21+deb7u8 |
| Related CVEs | CVE-2018-18311 |
Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input.
For Debian 7 Wheezy, these problems have been fixed in version 5.14.2-21+deb7u8.
We recommend that you upgrade your perl packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.