The following was fixed in Digest-SHA Perl module in Version 5.81:
5.81 Mon Jan 14 05:17:08 MST 2013
- corrected load subroutine (SHA.pm) to prevent double-free
-- Bug #82655: Security issue - segfault
-- thanks to Victor Efimov and Nicholas Clark
for technical expertise and suggestions
Upstream bugreport is: https://rt.cpan.org/Public/Bug/Display.html?id=82655
Diff: https://metacpan.org/diff/release/MSHELOR/Digest-SHA-5.80/MSHELOR/Digest-SHA-5.81
A reproducer is given in the upstream bug report.
Regards,
Salvatore
carnil@debian.org
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information