Specifically, the REHASH attack is *proven*, (or there would be no one-line test for it)

Sorry n'all, but that is rubbish.

*All* your one liner demonstrates is: does this perl contain that change/patch? Nothing -- literally nothing -- more.

It in no way makes any attempt to demonstrate why the patch might be needed.

It simple demonstrates that something is different; without giving any indication of how -- or even whether -- the changed behaviour is an improvement in some way.

, requires no probing, and far from being "almost impossible" is actually trivial execute.

Again. A bland statement unsubstantiated by your post; your paper; the text of CVE-2013-1667; or anything else that you've have said publicly on the subject(*).

To attack various web platforms one would simply construct an URL containing the right keys as parameters to the request, and since the proof of concept attack requires only chars in "a-z" doing this is trivial.

Again. This is so trivialised a scenario as to be meaningless.

A whole bunch of reasoning deleted; let's cut to the chase ...

So, if I send you a url of a perl script running on my machine under an unpatched version of Perl; you'll make it crash in short order?

*that I've been able to find. After months of looking!

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.

In reply to Re^3: Patch an old Perl version by BrowserUk
in thread Patch an old Perl version by Discipulus

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.