Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Re^2: Possible security problem in CPAN modules / CVE-2018-25032

by JedClampett (Acolyte)
on Apr 06, 2022 at 16:05 UTC ( [id://11142738]=note: print w/replies, xml ) Need Help??


in reply to Re: Possible security problem in CPAN modules / CVE-2018-25032
in thread Possible security problem in CPAN modules / CVE-2018-25032

I believe this is all of them though maybe the string I looked for needs tweaking

https://grep.metacpan.org/search?q=exclude+worst+case+performance+for+pathological+files&qd=&qft=&qls=on

You can also look for the files if you checkout the repo grep.metacpan.org uses. At which point you get:

$>git ls-files |egrep '(in|de)flate\.c' A/Alien-FreeImage/src/Source/ZLib/deflate.c A/Alien-FreeImage/src/Source/ZLib/inflate.c A/Archive-Unzip-Burst/unzip-6.0/inflate.c B/BackupPC-XS/zlib/deflate.c B/BackupPC-XS/zlib/inflate.c B/Business-KontoCheck/zlib/deflate.c B/Business-KontoCheck/zlib/inflate.c C/Compress-Raw-Zlib/zlib-src/deflate.c C/Compress-Raw-Zlib/zlib-src/inflate.c C/Compress-Zopfli/zopflib/src/zopfli/deflate.c F/Filter-gunzip/devel/exe-zlib-inflate.c G/Git-Raw/deps/libgit2/deps/zlib/deflate.c G/Git-Raw/deps/libgit2/deps/zlib/inflate.c G/Git-XS/xs/libgit2/deps/zlib/deflate.c G/Git-XS/xs/libgit2/deps/zlib/inflate.c I/Image-PNG-Simple/zlib-1.2.8/deflate.c I/Image-PNG-Simple/zlib-1.2.8/inflate.c L/LibZip/myldr/zlib-src/deflate.c L/LibZip/myldr/zlib-src/inflate.c P/PDL-IO-Matlab/matio-1.5.0/src/inflate.c P/Protocol-WebSocket-Fast/clib/tests/deflate/deflate.cc T/Tk/PNG/zlib/deflate.c T/Tk/PNG/zlib/inflate.c W/Win32-File-Summary/deflate.c W/Win32-File-Summary/inflate.c c/cppAdaptive1/src/dlib/external/zlib/deflate.c c/cppAdaptive1/src/dlib/external/zlib/inflate.c c/cppAdaptive2/src/dlib/external/zlib/deflate.c c/cppAdaptive2/src/dlib/external/zlib/inflate.c p/perl/cpan/Compress-Raw-Zlib/zlib-src/deflate.c p/perl/cpan/Compress-Raw-Zlib/zlib-src/inflate.c

Replies are listed 'Best First'.
Re^3: Possible security problem in CPAN modules / CVE-2018-25032
by etj (Deacon) on Apr 17, 2022 at 19:29 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11142738]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chilling in the Monastery: (4)
As of 2024-03-29 05:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found