in reply to Re: Possible security problem in CPAN modules / CVE-2018-25032
in thread Possible security problem in CPAN modules / CVE-2018-25032

I believe this is all of them though maybe the string I looked for needs tweaking

https://grep.metacpan.org/search?q=exclude+worst+case+performance+for+pathological+files&qd=&qft=&qls=on

You can also look for the files if you checkout the repo grep.metacpan.org uses. At which point you get:

$>git ls-files |egrep '(in|de)flate\.c' 
A/Alien-FreeImage/src/Source/ZLib/deflate.c
A/Alien-FreeImage/src/Source/ZLib/inflate.c
A/Archive-Unzip-Burst/unzip-6.0/inflate.c
B/BackupPC-XS/zlib/deflate.c
B/BackupPC-XS/zlib/inflate.c
B/Business-KontoCheck/zlib/deflate.c
B/Business-KontoCheck/zlib/inflate.c
C/Compress-Raw-Zlib/zlib-src/deflate.c
C/Compress-Raw-Zlib/zlib-src/inflate.c
C/Compress-Zopfli/zopflib/src/zopfli/deflate.c
F/Filter-gunzip/devel/exe-zlib-inflate.c
G/Git-Raw/deps/libgit2/deps/zlib/deflate.c
G/Git-Raw/deps/libgit2/deps/zlib/inflate.c
G/Git-XS/xs/libgit2/deps/zlib/deflate.c
G/Git-XS/xs/libgit2/deps/zlib/inflate.c
I/Image-PNG-Simple/zlib-1.2.8/deflate.c
I/Image-PNG-Simple/zlib-1.2.8/inflate.c
L/LibZip/myldr/zlib-src/deflate.c
L/LibZip/myldr/zlib-src/inflate.c
P/PDL-IO-Matlab/matio-1.5.0/src/inflate.c
P/Protocol-WebSocket-Fast/clib/tests/deflate/deflate.cc
T/Tk/PNG/zlib/deflate.c
T/Tk/PNG/zlib/inflate.c
W/Win32-File-Summary/deflate.c
W/Win32-File-Summary/inflate.c
c/cppAdaptive1/src/dlib/external/zlib/deflate.c
c/cppAdaptive1/src/dlib/external/zlib/inflate.c
c/cppAdaptive2/src/dlib/external/zlib/deflate.c
c/cppAdaptive2/src/dlib/external/zlib/inflate.c
p/perl/cpan/Compress-Raw-Zlib/zlib-src/deflate.c
p/perl/cpan/Compress-Raw-Zlib/zlib-src/inflate.c

[download]

Replies are listed 'Best First'.
Re^3: Possible security problem in CPAN modules / CVE-2018-25032
by etj (Priest) on Apr 17, 2022 at 19:29 UTC
[reply]

In Section Perl News