Bug#1138905: perl: overflow fixes for pack()
Niko Tyni
ntyni at debian.org
Fri Jun 5 17:57:51 BST 2026
Package: perl
Version: 5.40.1-6
Severity: normal
Tags: upstream fixed-upstream security
Forwarded: https://github.com/Perl/perl5/pull/24414
X-Debbugs-Cc: carnil at debian.org
Perl 5.44 will include a few overflow fixes for pack() that are also
going to be backported for point releases of 5.42, 5.40, and 5.38.
See https://github.com/Perl/perl5/issues/24445
Leon Timmermans recommended that we include them too. I'll push them to
the 5.40 sid+forky and 5.42 experimental packages at least. Not sure
yet if we want them in stable (5.40) or oldstable (5.36) as well.
AIUI the security impact is moderate or low and they are only problems for
badly written XS code. Copying Salvatore anyway just in case.
--
Niko Tyni ntyni at debian.org
More information about the Perl-maintainers
mailing list