========================================================================= Ubuntu Security Notice USN-4602-2 October 27, 2020 perl vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in Perl. Software Description: - perl: Practical Extraction and Report Language Details: USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: perl 5.18.2-2ubuntu1.7+esm3 Ubuntu 12.04 ESM: perl 5.14.2-6ubuntu2.11 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4602-2 https://usn.ubuntu.com/4602-1 CVE-2020-10543, CVE-2020-10878, CVE-2020-12723